Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Primary Logon] 'Start' = '00000002'
- '%WINDIR%\lsass.exe' 2
- '<SYSTEM32>\taskkill.exe' /F /IM vsmon.exe
- '<SYSTEM32>\taskkill.exe' /F /IM zlclient.exe
- zlclient.exe
- %WINDIR%\lsass.exe
- %WINDIR%\svchost.exe
- %WINDIR%\lsass.exe
- %WINDIR%\svchost.exe
- %WINDIR%\svchost.exe
- 'sm##.#bsamail.co.za':25
- DNS ASK sm##.#bsamail.co.za
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''