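Техническая информация
Ниже перечислены индикаторы без заголовков разделов: записи автозапуска в реестре, пути к файлам, сетевые обращения и запускаемые команды. Автозапуск файла %APPDATA%\Systemrc\SysServices.exe задан двумя способами: значением 'Broadcom' в ключах Run (HKLM и HKCU) и двумя задачами планировщика, которые создаются с параметрами /sc minute /mo 1 (запуск каждую минуту) и /RL HIGHEST (наивысший уровень прав).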
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Broadcom' = '%APPDATA%\Systemrc\SysServices.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Broadcom' = '%APPDATA%\Systemrc\SysServices.exe'
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\4.tmp
- %TEMP%\$inst\5.tmp
- %TEMP%\$inst\temp_0.tmp
- %APPDATA%\Systemrc\SysServices.exe
- %APPDATA%\Systemrc\7z.dll
- %APPDATA%\Systemrc\7z.exe
- %APPDATA%\Systemrc\libmySQL.dll
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\4.tmp
- %TEMP%\$inst\5.tmp
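- '74.##5.232.51':443 (часть адреса, по-видимому, скрыта символами ##, поэтому строку нельзя использовать как точный индикатор)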
- DNS ASK www.google.com
- '%APPDATA%\Systemrc\SysServices.exe'
- '<SYSTEM32>\schtasks.exe' /create /RL HIGHEST /sc minute /mo 1 /tn "Systemmanedger" /tr %APPDATA%\Systemrc\SysServices.exe /F
- '<SYSTEM32>\schtasks.exe' /create /RL HIGHEST /sc minute /mo 1 /tn "Googlesynchronize" /tr %APPDATA%\Systemrc\SysServices.exe /F