Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\catsrvut4d72] 'ImagePath' = '<SYSTEM32>\rundll32.exe "%CommonProgramFiles%\Microsoft Shared\MSInfo\catsrvut4d72.dll",ServiceBoot'
- [<HKLM>\SYSTEM\ControlSet001\Services\catsrvut4d72] 'Start' = '00000002'
- '<SYSTEM32>\ping.exe' 127.1 -n 2
- '<SYSTEM32>\cmd.exe' /c ping 127.1 -n 2&del "<Полный путь к файлу>"
- '<SYSTEM32>\rundll32.exe' "%CommonProgramFiles%\Microsoft Shared\MSInfo\catsrvut4d72.dll",ServiceBoot
- %CommonProgramFiles%\Microsoft Shared\MSInfo\catsrvut4d72.ini
- %CommonProgramFiles%\Microsoft Shared\MSInfo\catsrvut4d72.dll
- %TEMP%\4a02d.dll
- 'ga#.#x119.com':443
- DNS ASK ga#.#x119.com
- ClassName: 'Shell_TrayWnd' WindowName: ''