Техническая информация
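- [<HKLM>\SOFTWARE\Classes\exefile\shell\open\command] '' = 'wmmiexe.exe "%1" %*'
  (штатное значение этого параметра — '"%1" %*'; при указанном здесь значении запуск любого .exe-файла проходит через wmmiexe.exe. При лечении параметр нужно вернуть к штатному значению: если удалить только файл wmmiexe.exe, исполняемые файлы перестанут запускаться.)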
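- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'vscanner' = '%WINDIR%\spooll32.exe'
  (запись в ключе Run запускает spooll32.exe при каждом входе пользователя в систему; имя файла с удвоенной «l», по-видимому, рассчитано на сходство с системными именами, поэтому при проверке его нужно сравнивать посимвольно.)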
- '%WINDIR%\spooll32.exe'
- AVGCTRL.EXE
- AVGCC32.EXE
- ntvdm.exe
- fsav32.exe
- GUARD.EXE
- AVSYNMGR.EXE
- NAVAPW32.EXE
- AVPCC.EXE
- zapro.exe
- ZONEALARM.EXE
- AVP32.EXE
- AVP.EXE
- AVPM.EXE
- ClassName: 'RegmonClass' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: '(null)' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'OLLYDBG' WindowName: '(null)'
- ClassName: 'FilemonClass' WindowName: '(null)'
- %WINDIR%\spooll32.exe
- %WINDIR%\wmmiexe.exe
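- 'af#.##sportal.com':6667
- 'po#.#mail.com':465
- 'we#.icq.com':80
  (символы '#', по-видимому, заменяют часть имени узла, скрытую в исходном описании; порты 6667, 465 и 80 обычно используются для IRC, SMTP поверх SSL/TLS и HTTP соответственно.)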
- we#.icq.com/wwp/msg/1,,,00.html?Ui#################################################################################################################################################################
- DNS ASK af#.##sportal.com
- DNS ASK po#.#mail.com
- DNS ASK we#.icq.com
- ClassName: '18467-41' WindowName: '(null)'