Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Bethserv] 'Start' = '00000002'
- <SYSTEM32>\x86\svchost.exe -service
- <SYSTEM32>\sc.exe description Bethserv "Detects unsuccessful attempts to connect to a remote network or computer and provides alternative methods for connection. If this service is stopped, users will need to manually connect. If this service is disabled, any services that explicitly depend on it will fail to start."
- <SYSTEM32>\net1.exe start "Bethserv"
- <SYSTEM32>\netsh.exe firewall set opmode disable
- <SYSTEM32>\cmd.exe /c ""<SYSTEM32>\x86\start bat.bat" "
- <SYSTEM32>\sc.exe create "Bethserv" binpath= "<SYSTEM32>\x86\svchost.exe -service" type= own type= interact start= auto
- <SYSTEM32>\sc.exe config "Bethserv" DisplayName= "Bluetooth Support Service"
- <SYSTEM32>\x86\CCProxy.ini
- <SYSTEM32>\x86\start bat.bat
- <SYSTEM32>\x86\svchost.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- <SYSTEM32>\x86\CCProxy.dll
- %TEMP%\$inst\temp_0.tmp
- '67.##5.160.76':80
- DNS ASK www.ya##o.com
- '<IP-адрес в локальной сети>':1036
- ClassName: 'svchost' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''