Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\TlntSvr] 'Start' = '00000002'
- <SYSTEM32>\dllcache\tlntsvr.exe
- <SYSTEM32>\tlntsvr.exe
- <SYSTEM32>\attrib.exe +h +s c:\time.log
- <SYSTEM32>\tlntsvr.exe
- <SYSTEM32>\lsass.exe
- ClassName: '' WindowName: 'Windows File Protection'
- <SYSTEM32>\tollers.ini
- <SYSTEM32>\lottery.dll
- C:\time.log
- C:\time.log
- <SYSTEM32>\tollers.ini
- 'ti####orfree.bpa.nu':8088
- DNS ASK ti####orfree.bpa.nu
- ClassName: '' WindowName: '?????? ?????? Windows'
- ClassName: '' WindowName: 'Windows ????????'