Техническая информация
- [<HKLM>\SOFTWARE\Classes\txtfile\shell\open\command] '' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SVCH0ST' = '%WINDIR%\system\SVCH0ST.EXE'
- '%WINDIR%\system\SVCH0ST.EXE'
- <SYSTEM32>\N0TEPAD.EXE
- %WINDIR%\N0TEPAD.EXE
- %WINDIR%\system\windll.dll
- %WINDIR%\system\SVCH0ST.EXE
- %WINDIR%\system\N0TEPAD.EXE
- <SYSTEM32>\N0TEPAD.EXE
- %WINDIR%\N0TEPAD.EXE
- %WINDIR%\system\SVCH0ST.EXE
- %WINDIR%\system\N0TEPAD.EXE
- %TEMP%\~DF5114.tmp
- 'www.18##.net':80
- 'localhost':1036
- www.18##.net/
- DNS ASK www.18##.net
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''