Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\mnmsrvc] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\mnmsrvc] 'ImagePath' = '<SYSTEM32>\netmeeting.exe'
- '%PROGRAM_FILES%\MSBuild\ctfmon.exe'
- '<SYSTEM32>\cmd.exe' /c <Текущая директория>\a.bat
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\MSWINSCK.OCX
- %PROGRAM_FILES%\VMware files\vmnetdhcp.exe
- %PROGRAM_FILES%\NetXML\msxmlr.exe
- <Текущая директория>\a.bat
- <SYSTEM32>\netmeeting.exe
- %PROGRAM_FILES%\MSBuild\ctfmon.exe
- <SYSTEM32>\MSWINSCK.OCX
- %PROGRAM_FILES%\Update files\update_temp.exe
- %CommonProgramFiles%\Installations\wuauctl.exe
- %PROGRAM_FILES%\VMware files\vmnetdhcp.exe
- <SYSTEM32>\netmeeting.exe
- %PROGRAM_FILES%\NetXML\msxmlr.exe
- %CommonProgramFiles%\Installations\wuauctl.exe
- %PROGRAM_FILES%\Update files\update_temp.exe
- <SYSTEM32>\netmeeting.exe
- ClassName: 'WOLIICLIENT' WindowName: ''
- ClassName: 'sjl_client' WindowName: '??????????'
- ClassName: 'sjl_client' WindowName: '?????——???'
- ClassName: 'GxWindowClassD3d' WindowName: ''
- ClassName: 'MLANDCLIENT' WindowName: ''
- ClassName: 'TWINCONTROL' WindowName: '??????'