Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\terminaldevice] 'Start' = '00000002'
- 'C:\Usermj\userj\docs\svchost.exe'
- '<SYSTEM32>\attrib.exe' c:\usermj +s +h
- '<SYSTEM32>\net1.exe' start terminaldevice
- '<SYSTEM32>\attrib.exe' c:\recycler +s +h
- '<SYSTEM32>\wscript.exe' "c:\Usermj\userj\docs\fe.vbs"
- '<SYSTEM32>\cmd.exe' /c ""c:\Usermj\userj\docs\ja.bat" "
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shell32.dll,OpenAs_RunDLL c:\Usermj\userj\docs\sania.pps
- C:\Usermj\userj\docs\svchost.exe
- C:\Usermj\userj\docs\fe.vbs
- C:\Usermj\userj\docs\ja.bat
- C:\Usermj\userj\docs\sania.pps
- 'ne###peed.net':21
- DNS ASK ne###peed.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'