Technical Information
- <SYSTEM32>\sysfxui.dll
- <Current directory>\run.sct
- <Current directory>\aaaaaaaaaaaaaaaaaaaaaaaaa
- <Current directory>\output.tlb
- <Current directory>\sysfxui.dll
- <Current directory>\sysfxui.dll.bak
- %TEMP%\workspace\mountpoint\bit692e.tmp
- %TEMP%\workspace\mountpoint\bit692e.tmp
- <Current directory>\aaaaaaaaaaaaaaaaaaaaaaaaa
- <Current directory>\output.tlb
- <Current directory>\run.sct
- <Current directory>\sysfxui.dll.bak
- from %TEMP%\workspace\mountpoint\bit692e.tmp to %TEMP%\workspace\mountpoint\test.txt
- 'localhost':445
- 'localhost':49174
- 'localhost':58185
- 'localhost':63784
- '<SYSTEM32>\bitsadmin.exe' /reset /allusers' (with hidden window)
- '<SYSTEM32>\bitsadmin.exe' /reset /allusers
- '<SYSTEM32>\cmd.exe'