Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Geolocation] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\Geolocation] 'ImagePath' = 'C:\Users\Public\Documents\Tencent\QzonePlugin\QQPhotoDrawUpdateSvrn.exe'
- C:\Users\Public\Documents\Tencent\QzonePlugin\update.dat
- C:\Users\Public\Documents\Tencent\QzonePlugin\a.bat
- C:\Users\Public\Documents\Tencent\QzonePlugin\bitbug_favicon.ico
- C:\Users\Public\Documents\Tencent\QzonePlugin\c.bat
- C:\Users\Public\Documents\Tencent\QzonePlugin\curllib.dll
- C:\Users\Public\Documents\Tencent\QzonePlugin\QQPhotoDrawUpdateSvr.exe
- ClassName: 'EDIT' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c ""C:\Users\Public\Documents\Tencent\QzonePlugin\a.bat" "
- '<SYSTEM32>\rundll32.exe' url.dll,OpenURLA c.bat
- '<SYSTEM32>\cmd.exe' /c "C:\Users\Public\Documents\Tencent\QzonePlugin\c.bat "
- '<SYSTEM32>\sc.exe' create Geolocation binPath= C:\Users\Public\Documents\Tencent\QzonePlugin\QQPhotoDrawUpdateSvrn.exe start= auto DisplayName= Geolocation