Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Bcdefg] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Bcdefg] 'ImagePath' = '%WINDIR%\svchost.exe'
- 'Bcdefg' %WINDIR%\svchost.exe
- %WINDIR%\svchost.exe
- %WINDIR%\svchost.exe в %WINDIR%\syswow64\1074160.bak
- '49.##2.144.22':6875
- ClassName: 'CTXOPConntion_Class' WindowName: ''
- '%WINDIR%\svchost.exe'
- '%WINDIR%\svchost.exe' ' (со скрытым окном)