Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\javatmsup] 'Start' = '00000002'
- '<SYSTEM32>\pcusb.exe' 1lx
- '<SYSTEM32>\monobj.exe' /combine local system
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- '<SYSTEM32>\taskeng.exe' {4856B13C-54F5-4F0E-9683-77018FA42EBE} S-1-5-18:NT AUTHORITY\System:Service:
- C:\Users\Public\Documents\ntuser{4CB43D7F-7EEE-4906-8698-FFFFFFFF80A5F801}.pol
- C:\Users\Public\Documents\ntuser{4CB43D7F-7EEE-4906-8698-FFFFFFFF70141501}.pol
- C:\Users\Public\Documents\ntuser{4CB43D7F-7EEE-4906-8698-FFFFFFFF70AA0201}.pol
- <SYSTEM32>\config\systemprofile\Contacts\desktop.ini
- C:\Users\Public\Documents\ntuser{4CB43D7F-7EEE-4906-8698-FFFFFFFF8094E303}.pol
- C:\Users\Public\Documents\ntuser{4CB43D7F-7EEE-4906-8698-FFFFFFFF80CD9101}.pol
- <SYSTEM32>\monobj.exe
- %TEMP%\de859faf-776c-4919-b84e-4bca0438b44e
- <SYSTEM32>\libctf.exe
- C:\Users\Public\Documents\ntuser{4CB43D7F-7EEE-4906-8698-54071D5570941101}.pol
- <SYSTEM32>\Tasks\Microsoft\Windows\Media Center\PBDARegisterSW
- <SYSTEM32>\pcusb.exe
- <SYSTEM32>\config\systemprofile\Contacts\desktop.ini
- %TEMP%\de859faf-776c-4919-b84e-4bca0438b44e в %TEMP%\wincpl.exe
- '21#.#6.128.149':21
- DNS ASK dn#.##ftncsi.com