Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{22C4B42E-3437-2BF0-64E9-5556BFE46AD0}] 'StubPath' = '<SYSTEM32>:svchost.exe'
- C:\tmp5082.exe
- %WINDIR%\Explorer.EXE
- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: 'FileMonClass' WindowName: ''
- <SYSTEM32>:svchost.exe
- C:\tmp5082.exe
- C:\tmp5082.exe
- 'localhost':1801
- 'go####t.no-ip.biz':1801
- DNS ASK go####t.no-ip.biz
- ClassName: '18467-41' WindowName: ''