Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Pqrstu] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Pqrstu] 'ImagePath' = '%WINDIR%\duprua.exe'
- 'Pqrstu' %WINDIR%\duprua.exe
- %WINDIR%\duprua.exe
- из <Полный путь к файлу> в %WINDIR%\syswow64\1282172.bak
- '10#.#93.148.216':6660
- '%WINDIR%\duprua.exe'
- '%WINDIR%\duprua.exe' Win7