Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Userinit' = '%WINDIR%\Winsms.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Userinit' = '0'
- %APPDATA%\donnee.dark
- %WINDIR%\Winsms.exe
- %WINDIR%\Winsms.exe
- 'ft####so.free.fr':21
- DNS ASK ft####so.free.fr
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'