Техническая информация
- [<HKLM>\SOFTWARE\Classes\exefile\shell\open\command] '' = '<SYSTEM32>\SVCH0ST.EXE %1 %*'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] 'SVCHOST' = '<SYSTEM32>\SVCH0ST.EXE'
- <SYSTEM32>\SVCH0ST.EXE
- %TEMP%\WinPcap_3_2.exe
- %TEMP%\Server.exe
- %TEMP%\WpBann.htm
- %TEMP%\nsx4.tmp\NSISdl.dll
- %TEMP%\nsx4.tmp\ioSpecial.ini
- %TEMP%\nsx4.tmp\nsWeb.dll
- %TEMP%\nsx4.tmp\modern-header.bmp
- %TEMP%\nsx4.tmp\modern-wizard.bmp
- <SYSTEM32>\mmdat.dat
- %TEMP%\WinPcap_3_2.exe
- %TEMP%\Server.exe
- <SYSTEM32>\SVCH0ST.EXE
- %TEMP%\nsx4.tmp\nxs.dll
- %TEMP%\nsx4.tmp\UserInfo.dll
- <SYSTEM32>\ntdll32.dll
- <SYSTEM32>\SVCH0ST.EXE
- %TEMP%\WpBann.htm
- <SYSTEM32>\mmdat.dat
- %TEMP%\Server.exe
- 'www.wi##cap.org':80
- www.wi##cap.org/install/banner/3.1.0.27/banner.htm
- DNS ASK www.wi##cap.org
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''