Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'RunServices' = '<SYSTEM32>\Service.exe -s'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'RunServices' = '<SYSTEM32>\Service.exe -s'
- <SYSTEM32>\1230\smss.exe -d
- <SYSTEM32>\sc.exe stop wscsvc
- <SYSTEM32>\sc.exe config wscsvc start= "Disabled"
- <SYSTEM32>\sc.exe stop SharedAccess
- <SYSTEM32>\sc.exe config SharedAccess start= "Disabled"
- <SYSTEM32>\1230\smss.exe
- <SYSTEM32>\Service.exe
- <SYSTEM32>\ActiveZipper.ocx
- <SYSTEM32>\MSWINSCK.OCX
- %TEMP%\~DFF3D1.tmp
- 'xc#####r.game-host.org':5080
- DNS ASK xc#####r.game-host.org
- ClassName: 'Indicator' WindowName: ''