Техническая информация
- C:\hdsxup\AppUpdate.exe "c:\hdsxup\config.dll" start007
- <SYSTEM32>\attrib.exe +H +R ""%TEMP%\abaae9a4c3f92db7685c81dde9058540.dat""
- <SYSTEM32>\cacls.exe ""%HOMEPATH%\Local Settings\Temp"" /T /P everyone:F
- <SYSTEM32>\cacls.exe ""%TEMP%\abaae9a4c3f92db7685c81dde9058540.dat"" /T /P everyone:N
- <SYSTEM32>\attrib.exe +H +R "c:\hdsxup"
- <SYSTEM32>\net1.exe start W32Time
- <SYSTEM32>\sc.exe config W32Time start=auto
- <SYSTEM32>\sc.exe stop W32Time
- <SYSTEM32>\cmd.exe /c c:\hdsxup\AppUpdate.exercu.bat
- <SYSTEM32>\wscript.exe c:\fjeljh\utors.vbs
- C:\fjeljh\utors.vbs
- C:\hdsxup\AppUpdate.exercu.bat
- C:\hdsxup\config.dll
- C:\hdsxup\AppUpdate.exe
- C:\fjeljh\utors.vbs
- 'rj###8.3322.org':8566
- DNS ASK rj###8.3322.org
- DNS ASK ti##.#indows.com
- 'ti##.#indows.com':123
- '<IP-адрес в локальной сети>':123