Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\NetWK] 'Start' = '00000002'
- %WINDIR%\Debug\conime.exe
- <SYSTEM32>\attrib.exe +r +s +h %WINDIR%\Debug\conime.exe
- <SYSTEM32>\attrib.exe +r <SYSTEM32>\admdll.dll
- <SYSTEM32>\cmd.exe /c ""<SYSTEM32>\108.bat" "
- %WINDIR%\regedit.exe /s <SYSTEM32>\ra.reg
- <SYSTEM32>\explore.exe
- <SYSTEM32>\ra.reg
- <SYSTEM32>\108.bat
- <SYSTEM32>\tcp.reg
- <SYSTEM32>\admdll.dll
- %WINDIR%\Debug\conime.exe
- <SYSTEM32>\ra.reg
- <SYSTEM32>\explore.exe в %WINDIR%\Debug\conime.exe
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''