Technical Information
- '<SYSTEM32>\taskkill.exe' /IM VpnSvc.exe /f
- '<SYSTEM32>\taskkill.exe' /IM Vpn.exe /f
- %TEMP%\aut1.tmp
- C:\gecici_proje_klasoru\grey.gif
- %TEMP%\aut2.tmp
- C:\gecici_proje_klasoru\nm.png
- %TEMP%\aut3.tmp
- C:\gecici_proje_klasoru\AVG.exe
- %TEMP%\aut4.tmp
- C:\gecici_proje_klasoru\avg_secure_vpn_setup.exe
- %TEMP%\5.tmp\AVG.bat
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut3.tmp
- %TEMP%\aut4.tmp
- ClassName: '' WindowName: ''
- 'C:\gecici_proje_klasoru\AVG.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\5.tmp\AVG.bat" C:\gecici_proje_klasoru\AVG.exe"
- '<SYSTEM32>\reg.exe' delete "HKLM\SOFTWARE\AVG" /f
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 6