Техническая информация
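- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'Run' = '%PROGRAM_FILES%\Windows Media Player\wmplay.exe' (запись автозапуска в ключе RunOnce; имя файла wmplay.exe не совпадает со штатным wmplayer.exe из этого каталога, что похоже на маскировку под Windows Media Player)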
- '<SYSTEM32>\mmc.exe'
- <SYSTEM32>\mmc.exe
- chrome.exe
- firefox.exe
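Записи ниже, до DNS-запросов, — классы и заголовки окон утилит мониторинга и отладки (судя по именам: Process Monitor, Regmon, Filemon, OllyDbg); по-видимому, образец ищет эти окна, чтобы обнаружить анализ:
- ClassName: '(null)' WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'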
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'GBDYLLO' WindowName: '(null)'
- ClassName: 'OLLYDBG' WindowName: '(null)'
- ClassName: 'FilemonClass' WindowName: '(null)'
- ClassName: 'pediy06' WindowName: '(null)'
- DNS ASK www.ip##8.com
- DNS ASK if####.ip138.com
- ClassName: '(null)' WindowName: 'Windows Internet Explorer'
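- ClassName: '(null)' WindowName: '??????????????????' (по-видимому, заголовок окна состоял из не-ASCII символов; исходный текст утрачен при перекодировке)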
- ClassName: '(null)' WindowName: 'ICBC'
- ClassName: '18467-41' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'Microsoft Internet Explorer'
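- ClassName: '(null)' WindowName: '??????????????' (по-видимому, заголовок окна состоял из не-ASCII символов; исходный текст утрачен при перекодировке)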