Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Help' = '%WINDIR%\hdesk.exe'
- <SYSTEM32>\cmd.exe /c start C:\Arq.bat
- C:\Arq.bat
- C:\Edt.reg
- %WINDIR%\hdesk.exe
- C:\Arq.bat
- 'www.c3####rmatica.net':80
- www.c3####rmatica.net/site/img/index.php
- DNS ASK www.c3####rmatica.net
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''