Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\NRS_Service2] 'Start' = '00000002'
- <SYSTEM32>\2.exe
- <SYSTEM32>\cmd.exe /c %TEMP%\temp.bat
- <SYSTEM32>\2.exe
- %TEMP%\temp.bat
- <SYSTEM32>\srvany.exe
- <SYSTEM32>\nrwsers.sys
- %TEMP%\E_N4\krnln.fnr
- %TEMP%\E_N4\Exmlrpc.fne
- %TEMP%\E_N4\zlib.dll
- <SYSTEM32>\2.exe
- '12#.#72.242.4':8793
- ClassName: 'Shell_TrayWnd' WindowName: ''