Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{DD3E7DAA-4E18-3454-F9B4-B05D0597DD80}] 'stubpath' = ''
- [<HKLM>\SYSTEM\ControlSet001\Services\oreans32] 'Start' = '00000001'
- %WINDIR%\windows\explorer.exe
- <SYSTEM32>\svchost.exe
- %WINDIR%\Explorer.EXE
- ClassName: '' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass' WindowName: ''
- %WINDIR%\windows\explorer.exe
- %APPDATA%\addons.dat
- %APPDATA%\addons.dat
- %WINDIR%\windows\explorer.exe
- 'se####za.no-ip.biz':81
- DNS ASK se####za.no-ip.biz
- ClassName: '18467-41' WindowName: ''