Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001] 'LibraryPath' = '<SYSTEM32>\mswsock.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002] 'LibraryPath' = '<SYSTEM32>\winrnr.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003] 'LibraryPath' = '<SYSTEM32>\mswsock.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004] 'LibraryPath' = '%CommonProgramFiles%\Microsoft Shared\TextConv\msnsp.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\RsMgrSvc] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\RsMgrSvc] 'ImagePath' = '"%ProgramFiles%\Rising\RSD\RsMgrSvc.exe"'
- %ALLUSERSPROFILE%\Application Data\Intel\index.dat
- %ALLUSERSPROFILE%\Application Data\Windows\comx3.dll.txt
- %ALLUSERSPROFILE%\Application Data\Windows\comx3.dll
- %ALLUSERSPROFILE%\Application Data\Windows\RsStub.exe
- %CommonProgramFiles%\Microsoft Shared\TextConv\msnsp.dll
- %ALLUSERSPROFILE%\Application Data\Windows\mshlp.dll
- %ALLUSERSPROFILE%\Application Data\Windows\WIN.cfg
- %ALLUSERSPROFILE%\Application Data\Windows\comx3.dll
- %ALLUSERSPROFILE%\Application Data\Windows\comx3.dll.txt
- %ALLUSERSPROFILE%\Application Data\Windows\RsStub.exe
- '%ALLUSERSPROFILE%\Application Data\Windows\RsStub.exe'
- '<SYSTEM32>\cmd.exe' /C "%ALLUSERSPROFILE%\Application Data\Windows\RsStub.exe"