Техническая информация
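- [<HKLM>\SYSTEM\ControlSet001\Services\NationalSer1.5] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы, то есть закрепление в системе)
- [<HKLM>\SYSTEM\ControlSet001\Services\winlogav] 'Start' = '00000002' (то же значение — автоматический запуск службы)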
- C:\zd1.5_ser.exe
- <SYSTEM32>\ntlxu.exe
- C:\3.exe
- %TEMP%\185dlq.exe
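- %TEMP%\РЎВн.exe (имя, вероятно, записано в кодировке GBK и показано в кодовой странице Windows-1251; в GBK те же байты читаются как «小马.exe», поэтому при поиске стоит учитывать оба написания)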
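- <SYSTEM32>\svchost.exe -k krnlsrvc (группа krnlsrvc, по-видимому, не входит в стандартный набор групп svchost; её определение стоит проверить в HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost)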
- C:\zd1.5_ser.exe
- %TEMP%\211312_res.tmp
- <SYSTEM32>\ntlxu.exe
- %TEMP%\185dlq.exe
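- %TEMP%\РЎВн.exe (имя, вероятно, записано в кодировке GBK и показано в кодовой странице Windows-1251; в GBK те же байты читаются как «小马.exe», поэтому при поиске стоит учитывать оба написания)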
- C:\3.exe
- <SYSTEM32>\RtmctnC.dll
- C:\zd1.5_ser.exe
- C:\3.exe
- %TEMP%\211312_res.tmp в <SYSTEM32>\RtmctnC.dll
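- 'xj##.8866.org':8080
- '09###b.3322.org':7610
- DNS ASK xj##.8866.org
- DNS ASK 09###b.3322.org
- (Символ «#» недопустим в именах узлов DNS, то есть часть символов в этих именах замаскирована; для поиска по журналам DNS и прокси нужны шаблоны по видимой части имени и порту, а не точное совпадение.)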
- ClassName: 'Shell_TrayWnd' WindowName: ''