Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{pLqDtV0x-vPvp-7sMD-CEz1-VOkWXHEBJkV2}] 'stubpath' = '<SYSTEM32>\RES\iexplore.exe -s'
- '<SYSTEM32>\RES\iexplore.exe'
- '<SYSTEM32>\Regsvr32.exe' /s MSWINSCK.OCX
- C:\ProgramData\Microsoft\RAC\Temp\sqlEEC2.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sqlEE44.tmp
- <SYSTEM32>\MSWINSCK.OCX
- <SYSTEM32>\RES\iexplore.exe
- <SYSTEM32>\NTI0411.SYS
- <SYSTEM32>\RES\iexplore.exe
- <SYSTEM32>\NTI0411.SYS
- <SYSTEM32>\MSWINSCK.OCX
- C:\ProgramData\Microsoft\RAC\Temp\sqlEE44.tmp
- C:\ProgramData\Microsoft\RAC\Temp\sqlEEC2.tmp
- <SYSTEM32>\Tasks\Microsoft\Windows Defender\MP Scheduled Scan
- 'al####c.no-ip.info':85
- DNS ASK dn#.##ftncsi.com
- DNS ASK al####c.no-ip.info
- ClassName: 'Shell_TrayWnd' WindowName: ''