Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Phxphx Qiyqh] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Phxphx Qiyqh] 'ImagePath' = '%ProgramFiles(x86)%\AppPatch\AppPotch'
- 'Phxphx Qiyqh' %ProgramFiles(x86)%\AppPatch\AppPotch
- %ProgramFiles(x86)%\apppatch\apppotch
- C:\3100.vbs
- %ProgramFiles(x86)%\apppatch\apppotch
- C:\3100.vbs
- '10#.#7.24.74':6529
- '%ProgramFiles(x86)%\apppatch\apppotch'
- '%ProgramFiles(x86)%\apppatch\apppotch' Win7
- '%WINDIR%\syswow64\wscript.exe' "C:\3100.vbs"
- '%WINDIR%\syswow64\wscript.exe' "C:\3100.vbs"' (со скрытым окном)