Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Run DLL' = '%WINDIR%\rndll32.exe'
- %TEMP%\1C195.dmp
- %TEMP%\dw.log
- %WINDIR%\rndll32.exe
- 'ir#.#empsys.biz':6667
- '74.##5.232.51':80
- DNS ASK ir#.#empsys.biz
- DNS ASK google.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: '<Служебное имя>'