Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\borlndmm7a04] 'Start' = '00000002'
- <SYSTEM32>\rundll32.exe "%CommonProgramFiles%\Microsoft Shared\MSInfo\borlndmm7a04.dll",ServiceBoot
- <SYSTEM32>\wscript.exe "%TEMP%\56ad_6d75.vbs" //B //Nologo
- %CommonProgramFiles%\Microsoft Shared\MSInfo\RCX2.tmp
- %CommonProgramFiles%\Microsoft Shared\MSInfo\borlndmm7a04.ini
- %TEMP%\56ad_6d75.vbs
- %CommonProgramFiles%\Microsoft Shared\MSInfo\borlndmm7a04.dll
- %ALLUSERSPROFILE%\DebugLog.log
- %TEMP%\1891_444f.dll
- %TEMP%\RCX1.tmp
- %TEMP%\56ad_6d75.vbs
- %CommonProgramFiles%\Microsoft Shared\MSInfo\borlndmm7a04.ini
- %TEMP%\1891_444f.dll
- %CommonProgramFiles%\Microsoft Shared\MSInfo\borlndmm7a04.dll
- %CommonProgramFiles%\Microsoft Shared\MSInfo\RCX2.tmp в %CommonProgramFiles%\Microsoft Shared\MSInfo\borlndmm7a04.dll
- %TEMP%\RCX1.tmp в %TEMP%\1891_444f.dll
- 'www.dn##1.com':443
- DNS ASK www.dn##1.com
- ClassName: 'Shell_TrayWnd' WindowName: ''