Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\Windows Update.exe
- <SYSTEM32>\clwinx2.exe
- <SYSTEM32>\dllhostup.exe
- <SYSTEM32>\up0000.exe
- <SYSTEM32>\dllhostup.exe (загружен из сети Интернет)
- <SYSTEM32>\up0000.exe (загружен из сети Интернет)
- <SYSTEM32>\clwinx2.exe (загружен из сети Интернет)
- %WINDIR%\regedit.exe /S %WINDIR%\SCANREG01.REG
- [<HKCU>\Software\Microsoft\MessengerService]
- <SYSTEM32>\clwinx2.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\tech_X00[1].pdf
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\tech_00[1].pdf
- %TEMP%\16.05.1216.05.12log-01.ini
- <SYSTEM32>\dllhostup.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tech_Z1A0[1].pdf
- <SYSTEM32>\Windows Update.exe
- %WINDIR%\SCANREG01.REG
- <SYSTEM32>\up0000.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\tech_X2Z00[1].pdf
- 'www.he##bar.net':80
- 'www.hc##4.com':80
- 'localhost':1035
- www.he##bar.net/modules/My_eGallery/gallery/.../tech_X00.pdf
- www.he##bar.net/modules/My_eGallery/gallery/.../tech_00.pdf
- www.hc##4.com/.../tech_Z1A0.pdf
- www.hc##4.com/.../tech_X2Z00.pdf
- DNS ASK www.he##bar.net
- DNS ASK www.hc##4.com
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''