Техническая информация
- %WINDIR%\Fonts\csrss.exe
- %WINDIR%\Fonts\QL.bat
- %WINDIR%\Fonts\MZDD.bat
- %WINDIR%\Fonts\START.bat
- %WINDIR%\Fonts\svchost.exe
- %WINDIR%\Fonts\csrss.exe
- ClassName: 'EDIT' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c WEVTUTIL EL
- '<SYSTEM32>\sc.exe' delete Adater
- '<SYSTEM32>\sc.exe' delete serv
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\Fonts\start.bat" "
- '<SYSTEM32>\sc.exe' delete Adaptar
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\Fonts\QL.bat" "