Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\framenetwork.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\Microsoft FrameNetwork] 'Start' = '00000002'
- C:\Win32\Log\wscntfy.exe
- C:\Win32\smss.exe
- <SYSTEM32>\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /f /v DisableTaskMgr /t REG_DWORD /d 0
- <SYSTEM32>\net.exe stop "wscsvc"
- <SYSTEM32>\net1.exe stop "wscsvc"
- <SYSTEM32>\net1.exe stop "SharedAccess"
- <SYSTEM32>\taskkill.exe /f /im wscntfy.exe /t
- <SYSTEM32>\regsvr32.exe MSINET.OCX /s
- <SYSTEM32>\net.exe stop "SharedAccess"
- <SYSTEM32>\regsvr32.exe MSWINSCK.OCX /s
- <SYSTEM32>\MSINET.OCX
- C:\Win32\MSWINSCK.OCX
- <SYSTEM32>\MSWINSCK.OCX
- C:\Win32\Log\6272012-120700.txt
- C:\Win32\config.ini
- C:\Win32\MSINET.OCX
- C:\Win32\Log\wscntfy.exe
- C:\Win32\port=1268
- C:\Win32\fectipi.exe
- C:\Win32\smss.exe
- C:\Win32\framenetwork.exe
- %TEMP%\~DF2507.tmp
- C:\Win32\port=1268
- 'localhost':20196
- ClassName: '' WindowName: ''