Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Remote Access Service] 'Start' = '00000002'
- '<SYSTEM32>\netsvcs.exe'
- C:\ProgramData\Microsoft\RAC\Temp\sqlAEF5.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sqlAEE4.tmp
- <SYSTEM32>\netsvcs_ko.dll
- <SYSTEM32>\netsvcs.exe
- <SYSTEM32>\VCMon.exe
- C:\ProgramData\Microsoft\RAC\Temp\sqlAEE4.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sqlAEF5.tmp
- 'ma####.dyngate.com':80
- 'pi###.dyngate.com':80
- 'ma#####.teamviewer.com':80
- 'localhost':9998
- 'pi###.dyngate.com':5938
- pi###.dyngate.com/din.aspx?s=################################################
- pi###.dyngate.com/din.aspx?s=###############################################
- ma#####.teamviewer.com/din.aspx?s=################################################
- ma####.dyngate.com/din.aspx?s=################################################
- DNS ASK ma#####3.Teamviewer.com
- DNS ASK ma#####2.Teamviewer.com
- DNS ASK ma#####4.Teamviewer.com
- DNS ASK ma#####6.Teamviewer.com
- DNS ASK ma#####5.Teamviewer.com
- DNS ASK ma#####.teamviewer.com
- DNS ASK pi###.dyngate.com
- DNS ASK ma####.dyngate.com
- DNS ASK ma#####1.Teamviewer.com
- DNS ASK ma#####0.Teamviewer.com
- ClassName: 'TrayNotifyWnd' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'