Техническая информация
- [<HKLM>\SOFTWARE\Classes\exefile\shell\open\command] '' = '<SYSTEM32>\desot.exe "%1" %*'
- [<HKLM>\SYSTEM\ControlSet001\Services\AntipPro2009_100] 'Start' = '00000002'
- '%WINDIR%\svchast.exe'
- %WINDIR%\ppp3.dat
- <SYSTEM32>\bennuar.old
- <SYSTEM32>\sysnet.dat
- %WINDIR%\svchast.exe
- <SYSTEM32>\desot.exe
- <SYSTEM32>\dddesot.dll
- %WINDIR%\ppp4.dat
- 'ti##.#tdtime.gov.tw':123
- 'to##.#tdtime.gov.tw':123
- 'ti###.stupi.se':123
- 'co######.davaizagruzki.com':80
- '25#.#55.255.255':0
- co######.davaizagruzki.com/action/action3.cgi?p=#####
- DNS ASK nt##.sp.se
- DNS ASK nt#.##.strath.ac.uk
- DNS ASK ti###.stupi.se
- DNS ASK to##.#tdtime.gov.tw
- DNS ASK ti##.#tdtime.gov.tw
- DNS ASK to##.#sno.navy.mil
- DNS ASK ti##.#indows.com
- DNS ASK co######.davaizagruzki.com
- DNS ASK ti##.nist.gov
- DNS ASK nt##.#bg.netnod.se
- DNS ASK nt##.#s.wisc.edu
- 'localhost':1049
- 'localhost':1047
- 'localhost':1048
- ClassName: 'Shell_TrayWnd' WindowName: ''