Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'cmdcls.exe' = '<SYSTEM32>\cmdcls.exe'
- %PROGRAM_FILES%\cmdcls.exe
- <SYSTEM32>\cmdcls.exe
- %PROGRAM_FILES%\cmdcls.exe
- %PROGRAM_FILES%\bck.bck
- %PROGRAM_FILES%\cmdcls.exe
- %PROGRAM_FILES%\bck.bck
- 'db#####0.whservidor.com':445
- 'db#####0.whservidor.com':1433
- DNS ASK db#####0.whservidor.com
- ClassName: 'MS_WINHELP' WindowName: ''