Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\NetBar] 'Start' = '00000002'
- %PROGRAM_FILES%\Internet Explorer\lsass.exe
- %PROGRAM_FILES%\Windows NT\svchost.exe
- %PROGRAM_FILES%\Windows NT\svchost.exe
- %PROGRAM_FILES%\Internet Explorer\lsass.exe
- %CommonProgramFiles%\System\Ш{6D29FC40-EA47-1067-B31D-00DD010662DA}
- <SYSTEM32>\winntfgote.exe
- <SYSTEM32>\winntfgote.exe
- 'qd###.##mputerforensic.cn':1210
- DNS ASK qd###.##mputerforensic.cn
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''