Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\npkusvc] 'Start' = '00000002'
- '%HOMEPATH%\Templates\skbrod.exe'
- '%TEMP%\is-V6V69.tmp\setup.tmp' /SL5="$40092,5309387,54272,%HOMEPATH%\Templates\setup.exe"
- '%HOMEPATH%\Templates\setup.exe'
- '%HOMEPATH%\Templates\20990_6885\npkusvc.exe'
- '<SYSTEM32>\destract.exe'
- %TEMP%\is-V6V69.tmp\setup.tmp
- %HOMEPATH%\Templates\skbrod.exe
- %TEMP%\is-OP8TK.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-OP8TK.tmp\_isetup\_RegDLL.tmp
- %HOMEPATH%\Templates\setup.exe
- %HOMEPATH%\Templates\20990_6885\npkusvc.exe
- %HOMEPATH%\Templates\skbrod.ini
- <SYSTEM32>\destract.exe
- %HOMEPATH%\Templates\skbrod.ini
- %HOMEPATH%\Templates\skbrod.ini.tmp в %HOMEPATH%\Templates\skbrod.ini
- 'www.io##e.com':80
- 'sd#.##yaction.com':9300
- 'localhost':1037
- DNS ASK www.io##e.com
- DNS ASK sd#.##yaction.com
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'Internet Explorer_Server' WindowName: '(null)'
- ClassName: 'SysListView32' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Shell Embedding' WindowName: '(null)'
- ClassName: 'Shell DocObject View' WindowName: '(null)'