Illegal intrusion #683
Closed
TPHQ6WKS324
Start date: 2024-02-19
Due date: 2024-02-29
% Done: 100%
Estimated time:
Overview
Description
A suspicious process injected into another process in an unusual way. Investigate the process trees for the injector and injectee.
Command line
"C:\WINDOWS\system32\rundll32.exe" D:\Users\ProgramData\Lenovo\Vantage\Addins\LenovoBatteryGaugeAddin\1.0.3.12\x64\LenovoBatteryGaugePackage.dll UnloadBatteryGaugeFromExplorer