Technical Information
- [HKLM\System\CurrentControlSet\Services\videoshedule] 'Start' = '00000002'
- [HKLM\System\CurrentControlSet\Services\videoshedule] 'ImagePath' = '%WINDIR%\SysWOW64\videoshedule.exe'
- 'videoshedule' %WINDIR%\SysWOW64\videoshedule.exe
- %WINDIR%\syswow64\videoshedule.exe
- from <Full path to file> to %WINDIR%\syswow64\videoshedule.exe
- '85.##4.219.12':443
- '87.##6.247.42':8080
- http://85.###.219.12:443/ via 85.##4.219.12