Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'hdsafe' = '"\LPFsafe.exe"'
- <SYSTEM32>\spoolsv.exe
- ClassName: '(null)' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- '<IP-адрес в локальной сети>':80
- '<IP-адрес в локальной сети>':445
- ClassName: '(null)' WindowName: '???????? V2.8'
- ClassName: '(null)' WindowName: 'VMware Workstation'
- ClassName: '(null)' WindowName: '??????????'
- ClassName: '(null)' WindowName: '???????? V2.7'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: '?????????????????? (??????????????V1.0.1.920) http://www.94xyz.com'
- ClassName: '(null)' WindowName: ' Windows ?????????? '
- ClassName: '(null)' WindowName: 'Process Explorer - Sysinternals: www.sysinternals.com'
- ClassName: '(null)' WindowName: 'EXEEM'
- ClassName: '(null)' WindowName: 'EZPEER'
- ClassName: '(null)' WindowName: '????????'
- ClassName: '(null)' WindowName: 'etc'
- ClassName: '(null)' WindowName: 'WinHex'
- ClassName: '(null)' WindowName: 'OllyDbg'
- ClassName: '(null)' WindowName: '????PUBWIN??????????'