Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run] 'SOUNDMAX' = '%WINDIR%\SVCHOST.EXE'
- '%WINDIR%\regedit.exe' /s %WINDIR%\bak.reg
- %WINDIR%\SVCH0ST.EXE
- %WINDIR%\bak.reg
- %WINDIR%\SVCHOST.ini
- %WINDIR%\SVCH0ST.EXE
- %WINDIR%\SVCHOST.EXE
- %WINDIR%\SVCHOST.ini
- %WINDIR%\SVCHOST.ini в %WINDIR%\SVCHOST.EXE
- '<IP-адрес в локальной сети>':5858
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: '' WindowName: 'DebugHelper '
- ClassName: '' WindowName: 'DT '