Техническая информация
- [<HKLM>\SOFTWARE\Classes\txtfile\shell\open\command] '' = 'N0TEPAD.EXE NOTEPAD.EXE %1'
- [<HKLM>\SOFTWARE\Classes\inifile\shell\open\command] '' = 'N0TEPAD.EXE NOTEPAD.EXE %1'
- [<HKLM>\SOFTWARE\Classes\hlpfile\shell\open\command] '' = 'win.exe winhlp32.exe %1'
- [<HKLM>\SOFTWARE\Classes\chm.file\shell\open\command] '' = 'win.exe hh.exe %1'
- <SYSTEM32>\N0TEPAD.EXE
- <Текущая директория>\keylog
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Ip[1].txt
- %WINDIR%\WIN.EXE
- <SYSTEM32>\WIN.EXE
- 'wj###.myrice.com':80
- 'localhost':1035
- wj###.myrice.com/Ip.txt
- DNS ASK wj###.myrice.com
- ClassName: '' WindowName: 'Connections Tray'
- ClassName: '' WindowName: 'Tiny H-Pot v1.6'
- ClassName: '' WindowName: '<Служебное имя>'
- ClassName: '' WindowName: 'Program Manager'
- ClassName: '' WindowName: 'MS_WebcheckMonitor'
- ClassName: '' WindowName: 'Power Meter'
- ClassName: '' WindowName: '<SYSTEM32>\cscript.exe'
- ClassName: '' WindowName: ''
- ClassName: '' WindowName: 'TF_FloatingLangBar_WndTitle'
- ClassName: '' WindowName: 'CiceroUIWndFrame'
- ClassName: '' WindowName: '<Служебное имя> - build Mar 22 2011'
- ClassName: '' WindowName: '?'
- ClassName: '' WindowName: 'Notification Window'