Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\bePhotoshopImage] 'Start' = '00000002'
- <SYSTEM32>\dumprep.exe 2912 -dm 7 7 %TEMP%\WERd731.dir00\calc.exe.hdmp 16325836412027168
- <SYSTEM32>\dumprep.exe 2912 -dm 7 7 %TEMP%\WERd731.dir00\calc.exe.mdmp 16325836412027148
- <SYSTEM32>\calc.exe
- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: '' WindowName: 'TRW2000 for Windows 9x'
- %PROGRAM_FILES%\nnephot.exe
- %TEMP%\WERd731.dir00\calc.exe.mdmp
- %TEMP%\WERd731.dir00\calc.exe.hdmp
- %WINDIR%\nephot.exe
- %TEMP%\83C9D052\$$$$$$$$.{D6277990-4C6A-11CF-8D87-00AA0060F5BF}\ $$$2\com1.{21EC2020-3AEA-1069-A2DD-08002B30309D}\{01F0EA42-E386-4264-BB8F-ABF4B6FA67B6}
- %WINDIR%\2010.txt
- %PROGRAM_FILES%\nnephot.exe
- %WINDIR%\nephot.exe
- %WINDIR%\2010.txt
- 'yi#####2203.3322.org':8181
- DNS ASK yi#####2203.3322.org
- ClassName: 'TAppBuilder' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'TSxmanage' WindowName: ''
- ClassName: 'ACPU' WindowName: ''
- ClassName: '' WindowName: 'TWX2002 for Windows 9x'
- ClassName: '' WindowName: 'RegmonClass'
- ClassName: 'TDeDeMainWindow' WindowName: ''