Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '*LogMeInRescue_1345038180' = '"<LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\lmi_rescue.exe" -runonce reboot'
- '<LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\lmi_rescue.exe'
- <LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\script\Recon.bat
- <LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\rescue.ico
- <LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\logo.bmp
- <LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\chatlog.dat
- <LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\rescue.log
- <LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\script\ATS_Reconnect.exe
- <LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\RescueWinRTLib.dll
- <LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\rahook.dll
- <LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\lmi_rescue.exe
- <LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\params.txt
- <LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe
- <LS_APPDATA>\LogMeIn Rescue Applet\LMIR0001.tmp\ra64app.exe
- '25#.#55.255.255':443
- 'se####.#ogmeinrescue.com':80
- se####.#ogmeinrescue.com/myrahost/list.aspx?we#######
- DNS ASK se####.#ogmeinrescue.com
- DNS ASK re########t.1.logmein-gateway.com
- DNS ASK dc.####ein-gateway.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'