Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Microsoft Software NetWork] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Microsoft Software NetWork] 'ImagePath' = '<SYSTEM32>\svchost.exe -k imgsvc'
- 'Microsoft Software NetWork' <SYSTEM32>\svchost.exe -k imgsvc
- C:\net-mysql.sql
- C:\users\public\documents\device.cpx
- C:\recycle\myservicedll.dll
- C:\net-mysql.sql
- C:\net-mysql.sql
- 'ji####gyinwu.com':80
- DNS ASK ji####gyinwu.com
- ClassName: 'CTXOPConntion_Class' WindowName: ''
- 'C:\recycle\helpcontentindexer.exe'
- '<SYSTEM32>\svchost.exe' -k netsvcs
- '%WINDIR%\notepad.exe'