Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\iompService] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\iompService] 'ImagePath' = 'C:\Users\Public\Documents\Tencent\QzonePlugins\QQPhotoDrawUpdateSvrn.exe'
- C:\Users\Public\Documents\Tencent\QzonePlugins\update.dat
- C:\Users\Public\Documents\Tencent\QzonePlugins\a.bat
- C:\Users\Public\Documents\Tencent\QzonePlugins\bitbug_favicon.ico
- C:\Users\Public\Documents\Tencent\QzonePlugins\c.bat
- C:\Users\Public\Documents\Tencent\QzonePlugins\curllib.dll
- C:\Users\Public\Documents\Tencent\QzonePlugins\QQPhotoDrawUpdateSvr.exe
- ClassName: 'EDIT' WindowName: ''
- '<SYSTEM32>\cmd.exe' /c ""C:\Users\Public\Documents\Tencent\QzonePlugins\a.bat" "
- '<SYSTEM32>\rundll32.exe' url.dll,OpenURLA c.bat
- '<SYSTEM32>\cmd.exe' /c "C:\Users\Public\Documents\Tencent\QzonePlugins\c.bat "
- '<SYSTEM32>\sc.exe' create iompService binPath= C:\Users\Public\Documents\Tencent\QzonePlugins\QQPhotoDrawUpdateSvrn.exe start= auto DisplayName= iompService