Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'csrss' = '%WINDIR%\TeamViewer\ip.exe'
- %WINDIR%\TeamViewer\svchost.exe
- %WINDIR%\TeamViewer\svchost.exe (загружен из сети Интернет)
- <SYSTEM32>\reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "csrss" /t REG_SZ /d "%WINDIR%\TeamViewer\ip.exe" /f
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\svchost[1].exe
- %WINDIR%\TeamViewer\ip.exe
- %WINDIR%\TeamViewer\svchost.exe
- %WINDIR%\TeamViewer\tv.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tv[1].dll
- %WINDIR%\TeamViewer\TS.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\TS[1].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\Teamviewer_Resource_en[1].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\ip[1].exe
- %WINDIR%\TeamViewer\Teamviewer_Resource_en.dll
- '93.##8.134.11':587
- 'dd##.cis.by':80
- 'kw##nc.ru':80
- kw##nc.ru/teamviewer/svchost.exe
- kw##nc.ru/teamviewer/tv.dll
- dd##.cis.by/nic/
- kw##nc.ru/teamviewer/TS.dll
- kw##nc.ru/teamviewer/Teamviewer_Resource_en.dll
- kw##nc.ru/teamviewer/ip.exe
- DNS ASK sm##.yandex.ru
- DNS ASK dd##.cis.by
- DNS ASK kw##nc.ru
- ClassName: 'Shell_TrayWnd' WindowName: ''