Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\TCPIPPORT] 'Start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\services\BITS] 'Start' = '00000002'
- '<SYSTEM32>\slui.exe' -Embedding
- '<SYSTEM32>\wermgr.exe' "-outproc" "816" "3868"
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\mpeg4c32.dll Main
- '<SYSTEM32>\svchost.exe' -k netsvcs
- '<SYSTEM32>\PING.EXE' localhost -n 1
- %WINDIR%\Temp\OutofProcReport1082875.txt
- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_7.6.7600.256_d2caf64b7dbca2d781154d2562964c262846251_cab_049487b5\Report.wer
- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_80072f78_805ff6e6daf5fedbb13daf2b1d56b5cbd7ea195_cab_0d9c7f7b\client_manifest.txt
- <SYSTEM32>\mpeg4c32.dll
- <SYSTEM32>\tcpipport.sys
- <SYSTEM32>\tcpipport.sys
- <SYSTEM32>\mpeg4c32.dll
- %WINDIR%\Temp\OutofProcReport1082875.txt
- '20#.#6.232.182':80
- 'download.windowsupdate.com':80
- 'm.###pang.com':80
- 20#.#6.232.182/fwlink/?Li######################################################################################################
- DNS ASK www.up####.microsoft.com
- DNS ASK go.###rosoft.com
- DNS ASK do#####d.microsoft.com
- DNS ASK m.###pang.com
- DNS ASK download.windowsupdate.com