Техническая информация
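- [<HKLM>\SYSTEM\ControlSet001\Services\WinUpHelp] 'Start' = '00000002'
  (Пояснение: значение 'Start' = 2 соответствует автоматическому запуску службы (SERVICE_AUTO_START), то есть служба WinUpHelp стартует при каждой загрузке системы. При проверке стоит смотреть и ветку CurrentControlSet, которая обычно ссылается на ControlSet001.)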
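- '%WINDIR%\system\smss.exe'
  (Пояснение: штатный smss.exe расположен в <SYSTEM32>; одноимённый файл в %WINDIR%\system — маскировка под системный процесс, поэтому при проверке важен полный путь к образу, а не только имя процесса.)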
- '<SYSTEM32>\ping.exe' 0.0.0.0
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\rem4785.bat" "
- ClassName: '(null)' WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'GBDYLLO' WindowName: '(null)'
- ClassName: 'OLLYDBG' WindowName: '(null)'
- ClassName: 'FilemonClass' WindowName: '(null)'
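- ClassName: 'pediy06' WindowName: '(null)'
  (Пояснение: заголовки и классы окон в этом списке соответствуют утилитам Sysinternals Process Monitor, Regmon и Filemon и отладчику OllyDbg; 'GBDYLLO' — это 'OLLYDBG', записанное в обратном порядке. Если эти записи отражают поиск окон, это типичный признак противодействия анализу: в среде исследования с запущенными инструментами образец может вести себя иначе.)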
- %TEMP%\rem4785.bat
- %WINDIR%\system\smss.exe
- %WINDIR%\system\smss.exe
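- 'ee###.webhop.net':32001
- DNS ASK ee###.webhop.net
  (Пояснение: символы '###', по-видимому, скрывают часть имени узла в самом источнике; полное имя на странице не приведено. Для обнаружения остаются исходящие соединения на порт 32001 и DNS-запросы к поддоменам webhop.net. Это домен службы динамического DNS, поэтому обращение к нему само по себе не доказывает заражение, и его нужно сопоставлять с остальными признаками из списка.)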
- ClassName: '18467-41' WindowName: '(null)'