Техническая информация
- %TEMP%\svchost.exe
- <SYSTEM32>\taskkill.exe /f /t /im avp.exe
- <SYSTEM32>\sc.exe config avp start= disabled
- <SYSTEM32>\rundll32.exe %TEMP%\203562.dll testall
- %WINDIR%\Fonts\pci.sys
- %TEMP%\203562.dll
- %TEMP%\svchost.exe
- %WINDIR%\Fonts\pci.sys
- ClassName: '' WindowName: ''