Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\AFE] 'ImagePath' = '%WINDIR%\AFE.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\AFE] 'Start' = '00000002'
- '<SYSTEM32>\sc.exe' config AFE DisplayName= "Advanced Filtering Engine"
- '<SYSTEM32>\cmd.exe' /c sc description AFE "The Advanced Filtering Engine (AFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or dis...
- '<SYSTEM32>\net1.exe' start AFE
- '%WINDIR%\AFE.exe'
- '<SYSTEM32>\sc.exe' description AFE "The Advanced Filtering Engine (AFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disabling...
- '<SYSTEM32>\cmd.exe' /C sc config AFE DisplayName= "Advanced Filtering Engine"
- '<SYSTEM32>\cmd.exe' /C sc create AFE binpath= "%WINDIR%\AFE.exe" start= auto
- '<SYSTEM32>\cmd.exe' /C net start AFE
- '<SYSTEM32>\net.exe' start AFE
- '<SYSTEM32>\sc.exe' create AFE binpath= "%WINDIR%\AFE.exe" start= auto
- %WINDIR%\RCX1.tmp
- %WINDIR%\AFE.exe
- %WINDIR%\AFE.exe
- %WINDIR%\AFE.exe
- 'www.dr####treams.com':8080
- DNS ASK www.dr####treams.com