Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\] 'Microsoft Windows Services' = '%WINDIR%\6008004470706007\winsvcs.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run\] 'Microsoft Windows Services' = '%WINDIR%\6008004470706007\winsvcs.exe'
- [<HKLM>\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\] '%WINDIR%\6008004470706007\winsvcs.exe' = '%WINDIR%\60080044707060...
- %WINDIR%\6008004470706007\winsvcs.exe
- %TEMP%\windows archive manager.exe
- %WINDIR%\6008004470706007\winsvcs.exe
- '%WINDIR%\6008004470706007\winsvcs.exe'