Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'help' = '%APPDATA%\InstallDir\help.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'help' = '%APPDATA%\InstallDir\help.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows' = '<SYSTEM32>\InstallDir\svchost.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows' = '<SYSTEM32>\InstallDir\svchost.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{FBX3D085-P4ES-B5GP-3S13-N0W2W8I5XQ5V}] 'StubPath' = '<SYSTEM32>\InstallDir\svchost.exe restart'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{FBX3D085-P4ES-B5GP-3S13-N0W2W8I5XQ5V}] 'StubPath' = '<SYSTEM32>\InstallDir\svchost.exe'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\system.pif
- %HOMEPATH%\Start Menu\Programs\Startup\system.pif
- '<SYSTEM32>\net.exe' stop MpsSvc
- <SYSTEM32>\svchost.exe
- IEXPLORE.EXE
- %APPDATA%\InstallDir\help.exe
- <SYSTEM32>\InstallDir\svchost.exe
- <Полный путь к файлу>
- <SYSTEM32>\InstallDir\svchost.exe
- 'localhost':1036
- 'bo###9.ddns.net':82
- DNS ASK bo###9.ddns.net
- '<Полный путь к файлу>'
- '<SYSTEM32>\cmd.exe' net stop MpsSvc
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE'
- '<SYSTEM32>\net1.exe' stop MpsSvc
- '<SYSTEM32>\svchost.exe'