Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Libnet.NET' = 'rundll32.exe "<LS_APPDATA>\WdWebClock\Libnet.NET.dll",tcpPathmon2 smiUserdll32'
- <SYSTEM32>\rundll32.exe "<LS_APPDATA>\WdWebClock\Libnet.NET.dll",tcpPathmon2 smiUserdll32
- <SYSTEM32>\rundll32.exe "%TEMP%\tapiWIdb.dll", tcpPathmon2 CatDBPathlink
- <LS_APPDATA>\WdWebClock\Libnet.NET.dll
- %TEMP%\tapiWIdb.dll
- %TEMP%\tapiWIdb.dll
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'SystemPathPort' WindowName: ''