Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'Explorer.exe ypager.exe s'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{523702KJY0-YKN5OK-D1KOW-F49T8-TVUI81RWM141}] 'StubPath' = 'netconfig.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\TlntSvr] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet002\Services\TlntSvr] 'Start' = '00000002'
- <SYSTEM32>\ypager.exe s
- %WINDIR%\netconfig.exe s
- <SYSTEM32>\net1.exe localgroup /ADD %USERNAME%s Support721
- <SYSTEM32>\net1.exe user Support721 698521 /ADD
- <SYSTEM32>\cmd.exe /c %TEMP%\12587.bat
- %TEMP%\TMP301.tmp
- %TEMP%\12587.bat
- %WINDIR%\netconfig.exe
- <SYSTEM32>\ypager.exe
- %TEMP%\TMP011.tmp
- %WINDIR%\netconfig.exe
- <SYSTEM32>\ypager.exe
- %TEMP%\TMP301.tmp
- %TEMP%\TMP011.tmp