Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\WNet] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\WNet] 'ImagePath' = '%ProgramFiles(x86)%\WNet\WNet.exe'
- 'WNet' %ProgramFiles(x86)%\WNet\WNet.exe
- %WINDIR%\syswow64\explorer.exe
- %TEMP%\nsr1516.tmp
- %ProgramFiles(x86)%\wnet\wnet.exe
- %ProgramFiles(x86)%\wnet\nfapi.dll
- %ProgramFiles(x86)%\wnet\ssleay32.dll
- %ProgramFiles(x86)%\wnet\libeay32.dll
- %ProgramFiles(x86)%\wnet\protocolfilters.dll
- %TEMP%\nsm1630.tmp\system.dll
- %ProgramFiles(x86)%\wnet\ssfilterdrv.sys
- %ProgramFiles(x86)%\wnet\nfregdrv.exe
- %ProgramFiles(x86)%\wnet\uninst.exe
- <DRIVERS>\ssfilterdrv.sys
- %TEMP%\nsm1630.tmp\simplesc.dll
- %TEMP%\nsm1630.tmp\selfdel.dll
- %ProgramFiles(x86)%\wnet\ssfilterdrv.sys
- %TEMP%\nsm1630.tmp\selfdel.dll
- %TEMP%\nsm1630.tmp\simplesc.dll
- %TEMP%\nsm1630.tmp\system.dll
- 'br####warellc.com':80
- DNS ASK br####warellc.com
- ClassName: 'MS_WINHELP' WindowName: ''
- '%ProgramFiles(x86)%\wnet\nfregdrv.exe' <DRIVERS>\ssfilterdrv.sys
- '%ProgramFiles(x86)%\wnet\wnet.exe' /install /SILENT
- '%ProgramFiles(x86)%\wnet\wnet.exe'
- '%WINDIR%\syswow64\cmd.exe' /c net start WNet' (со скрытым окном)
- '%WINDIR%\syswow64\cmd.exe' /c net start WNet
- '%WINDIR%\syswow64\explorer.exe'
- '%WINDIR%\syswow64\net.exe' start WNet
- '%WINDIR%\syswow64\net1.exe' start WNet