Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '156' = 'QQProtectUpd.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Please Input Service Name] 'Start' = '00000002'
- <SYSTEM32>\reg.exe add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v 156 /d QQProtectUpd.exe /f
- <SYSTEM32>\taskkill.exe /f /im Ksafetray.exe
- <SYSTEM32>\svchost.exe -k netsvcs
- %PROGRAM_FILES%\FileName.pic
- C:\selang.ini
- C:\selang.ini
- '12#.#59.19.78':8000
- ClassName: '' WindowName: ''