Техническая информация
- '%APPDATA%\Roaming\Microsoft\AudioEndpointBuilder.exe'
- '%APPDATA%\Roaming\Microsoft\BrokerInfrastructure.exe'
- '<SYSTEM32>\conhost.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- %APPDATA%\Roaming\FFPXOMEV-wchelper.dll
- %APPDATA%\Roaming\7CA2641D\ak.tmp
- %TEMP%\FFPXOMEV8
- %TEMP%\FFPXOMEV7
- %APPDATA%\Roaming\Microsoft\BrokerInfrastructure.exe
- %APPDATA%\Roaming\Microsoft\AudioEndpointBuilder.exe
- %TEMP%\FFPXOMEV2.txt
- <SYSTEM32>\WinDir\Svchost.exe
- %APPDATA%\Roaming\FFPXOMEV-wchelper.dll
- %TEMP%\FFPXOMEV8
- %APPDATA%\Roaming\Microsoft\AudioEndpointBuilder.exe
- %TEMP%\FFPXOMEV2.txt
- %TEMP%\FFPXOMEV7
- DNS ASK dn#.##ftncsi.com
- DNS ASK in####e.duckdns.org
- ClassName: 'Shell_TrayWnd' WindowName: ''