Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Update Service' = '%WINDIR%\driver\svchost.exe'
- '%WINDIR%\driver\svchost.exe'
- '<SYSTEM32>\ping.exe' -n 1 localhost
- %WINDIR%\driver\svchost.exe
- %WINDIR%\driver\id
- %WINDIR%\driver\svchost.exe
- %WINDIR%\driver\id
- 're#####s.bounceme.net':9500
- DNS ASK re#####s.bounceme.net
- ClassName: 'Indicator' WindowName: ''