Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Enmeil] 'Start' = '00000002'
- 'C:\system' %PROGRAM_FILES%\474757\common\utility.dll CreateLogObjects
- '<SYSTEM32>\svchost.exe' -k Enmeil
- '<SYSTEM32>\PING.EXE' 127.0.0.1 -n 3
- '<SYSTEM32>\sc.exe' stop w32time
- '<SYSTEM32>\sc.exe' config Enmeil start= auto
- '<SYSTEM32>\sc.exe' start Enmeil
- C:\ProgramData\Microsoft\RAC\Temp\sqlAEF5.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sqlAEE4.tmp
- C:\system
- %PROGRAM_FILES%\474757\common\Utility.dll
- C:\system
- C:\ProgramData\Microsoft\RAC\Temp\sqlAEE4.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sqlAEF5.tmp
- '19#.#92.158.207':2752
- DNS ASK dn#.##ftncsi.com