Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\PROCEXP113] 'ImagePath' = '<DRIVERS>\PROCEXP113.SYS'
- <SYSTEM32>\handle.exe -accepteula -a e37
- <SYSTEM32>\handle.exe -accepteula -a c41
- <SYSTEM32>\handle.exe -accepteula -a gb
- <SYSTEM32>\cmd.exe /c ""%TEMP%\ECZ1.bat" "
- <SYSTEM32>\flv
- <SYSTEM32>\flx
- %TEMP%\ECZ1.bat
- <SYSTEM32>\wbem\Performance\WmiApRpl_new.ini
- <SYSTEM32>\handle.exe
- <DRIVERS>\PROCEXP113.SYS
- <SYSTEM32>\fls
- <SYSTEM32>\flv
- <SYSTEM32>\handle.exe
- <SYSTEM32>\flx
- <DRIVERS>\PROCEXP113.SYS
- <SYSTEM32>\fls
- ClassName: 'MS_WINHELP' WindowName: ''