Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\RSVP] 'Start' = '00000002'
- '<SYSTEM32>\net.exe' stop RSVP
- '<SYSTEM32>\net.exe' stop cryptsvc
- %TEMP%\bt2606.bat
- %TEMP%\bt2606.bat
- '<SYSTEM32>\cmd.exe' /c %TEMP%\bt2606.bat
- '<SYSTEM32>\net1.exe' stop RSVP
- '<SYSTEM32>\sc.exe' config RSVP start= auto
- '<SYSTEM32>\net1.exe' stop cryptsvc
- '<SYSTEM32>\cmd.exe' /c tasklist/m rsvpperf.dll|find "rsvpperf.dll"
- '<SYSTEM32>\tasklist.exe' /m rsvpperf.dll
- '<SYSTEM32>\find.exe' "rsvpperf.dll"