Техническая информация
- '%WINDIR%\sc.exe' config PolicyAgent start= DEMAND
- '<SYSTEM32>\runexplorer.exe'
- '%WINDIR%\sc.exe' start PolicyAgent
- '%TEMP%\IPsec\IPsec.exe'
- '%WINDIR%\Temp\wx3.0.exe'
- '%TEMP%\IPsec\taoke.exe'
- %WINDIR%\Explorer.EXE
- %TEMP%\aut6.tmp
- %WINDIR%\sc.exe
- %TEMP%\aut5.tmp
- %WINDIR%\polstore.dll
- <SYSTEM32>\sz.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
- <SYSTEM32>\runexplorer.exe
- <SYSTEM32>\a1710157.dll
- %WINDIR%\winipsec.dll
- %TEMP%\aut2.tmp
- %TEMP%\IPsec\taoke.exe
- %TEMP%\aut1.tmp
- %TEMP%\IPsec\IPsec.exe
- %WINDIR%\Temp\config.ini
- %WINDIR%\ipseccmd.exe
- %TEMP%\aut4.tmp
- %WINDIR%\Temp\wx3.0.exe
- %TEMP%\aut3.tmp
- %TEMP%\aut6.tmp
- %TEMP%\aut5.tmp
- %TEMP%\IPsec\taoke.exe
- %TEMP%\IPsec\IPsec.exe
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- %TEMP%\aut4.tmp
- %TEMP%\aut3.tmp
- 'tg.##7play.com':80
- 'localhost':1035
- tg.##7play.com/3721/3721.txt
- DNS ASK tg.##7play.com
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'