Техническая информация
- '%TEMP%\~ms10.tmp'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\t.bat" "
- '<SYSTEM32>\taskkill.exe' /f /pid 2812
- %WINDIR%\Explorer.EXE
- %PROGRAM_FILES%\MSDN\hehex.sys
- %PROGRAM_FILES%\MSDN\mylpk.dll
- %TEMP%\t.bat
- %TEMP%\~ms10.tmp
- %PROGRAM_FILES%\MSDN\LHL13.sys
- %PROGRAM_FILES%\MSDN\000000001
- %PROGRAM_FILES%\MSDN\hehex.sys
- %PROGRAM_FILES%\MSDN\mylpk.dll
- %PROGRAM_FILES%\MSDN\LHL13.sys
- %TEMP%\~ms10.tmp
- %PROGRAM_FILES%\MSDN\000000001
- 'e2##.ztecnc.com':81
- 'localhost':1036
- DNS ASK e2##.ztecnc.com
- ClassName: '(null)' WindowName: '(null)'