Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'Explorer.exe csrcs.exe s'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{485213KWCW-UJU5OR-D1KOW-F49R8-TVUI81REJ745}] 'StubPath' = 'systemchk.exe'
- [<HKLM>\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- [<HKLM>\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] 'EnableFirewall' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] 'EnableFirewall' = '00000000'
- Центр обеспечения безопасности (Security Center)
- '<SYSTEM32>\csrcs.exe' s
- '%WINDIR%\systemchk.exe' s
- '<SYSTEM32>\net1.exe' localgroup /ADD %USERNAME%s Support721
- '<SYSTEM32>\net1.exe' user Support721 6692824 /ADD
- %WINDIR%\systemchk.exe
- %TEMP%\TMP301.tmp
- <SYSTEM32>\csrcs.exe
- %TEMP%\TMP011.tmp
- %WINDIR%\systemchk.exe
- <SYSTEM32>\csrcs.exe
- %TEMP%\TMP301.tmp
- %TEMP%\TMP011.tmp