Техническая информация
- [<HKLM>\SYSTEM\ControlSet003\Services\AppMgmt] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\AppMgmt] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k netsvcs
- '<SYSTEM32>\net1.exe' stop sharedaccess
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 5
- '<SYSTEM32>\sc.exe' config sharedaccess start= Disabled
- '<SYSTEM32>\net.exe' stop AppMgmt
- '<SYSTEM32>\net1.exe' stop AppMgmt
- '<SYSTEM32>\net.exe' stop sharedaccess
- <SYSTEM32>\key2.dat
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\init[1].exe
- <SYSTEM32>\ComLib.dll
- <SYSTEM32>\SocketComIO.dll
- <SYSTEM32>\getconf.lib
- <SYSTEM32>\getconf.lib
- 'gu######.oss.aliyuncs.com':80
- 'localhost':1036
- gu######.oss.aliyuncs.com/init.exe
- DNS ASK gu######.oss.aliyuncs.com