Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,%WINDIR%\host32.exe,'
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\ctfmon.exe
- <SYSTEM32>\alg.exe
- <SYSTEM32>\spoolsv.exe
- <SYSTEM32>\services.exe
- <SYSTEM32>\lsass.exe
- System
- aion.exe
- ageofconan.exe
- __cd75efb816b2cc__.exe
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1609' = '00000000'
- <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\wpad[1].dat
- %WINDIR%\host32.exe
- %WINDIR%\host32.exe
- 'wpad.localdomain':80
- '19#.#04.146.9':443
- wpad.localdomain/wpad.dat
- DNS ASK wpad.localdomain