Technical Information
- Windows Firewall
- '%WINDIR%\syswow64\net.exe' stop MpsSvc
- %WINDIR%\syswow64\explorer.exe
- DNS ASK yn####1talv7w.info
- '%WINDIR%\syswow64\cmd.exe' /c net stop MpsSvc' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c sc config MpsSvc start= disabled' (with hidden window)
- '%WINDIR%\syswow64\explorer.exe'
- '%WINDIR%\syswow64\cmd.exe' /c net stop MpsSvc
- '%WINDIR%\syswow64\cmd.exe' /c sc config MpsSvc start= disabled
- '%ProgramFiles(x86)%\internet explorer\iexplore.exe' -nohome
- '%WINDIR%\syswow64\sc.exe' config MpsSvc start= disabled
- '%WINDIR%\syswow64\net1.exe' stop MpsSvc