Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ipconfig-extend] 'Start' = '00000002'
- '%WINDIR%\Temp\svchost.exe'
- '<SYSTEM32>\ping.exe' /n 1 127.1
- '<SYSTEM32>\cmd.exe' /c %TEMP%\driver.bat
- '<SYSTEM32>\svchost.exe' -k net-service
- %WINDIR%\Temp\168546_res.tmp
- %TEMP%\driver.bat
- %TEMP%\166640_res.tmp
- <SYSTEM32>\SystemRsmktvC.dll
- %WINDIR%\Temp\168546_res.tmp в %WINDIR%\Temp\svchost.exe
- %TEMP%\166640_res.tmp в <SYSTEM32>\SystemRsmktvC.dll
- '16#.#54.38.57':8899
- ClassName: 'Shell_TrayWnd' WindowName: ''