Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'RunServices' = '<SYSTEM32>\Service.exe -s'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'RunServices' = '<SYSTEM32>\Service.exe -s'
- <SYSTEM32>\1230\smss.exe -d
- <SYSTEM32>\InVMU.exe
- <SYSTEM32>\MuBot.exe
- <SYSTEM32>\sc.exe stop wscsvc
- <SYSTEM32>\sc.exe config wscsvc start= "Disabled"
- <SYSTEM32>\sc.exe stop SharedAccess
- <SYSTEM32>\sc.exe config SharedAccess start= "Disabled"
- <SYSTEM32>\MSWINSCK.OCX
- <SYSTEM32>\1230\smss.exe
- <SYSTEM32>\Service.exe
- <SYSTEM32>\ActiveZipper.ocx
- <SYSTEM32>\MuBot.exe
- <SYSTEM32>\InVMU.exe
- %TEMP%\~DFFB60.tmp
- %TEMP%\~DFC411.tmp
- 'xc#####r.game-host.org':5080
- DNS ASK xc#####r.game-host.org
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''