Техническая информация
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnonBadCertRecving' = '00000000'
- %APPDATA%\Mozilla\Firefox\prefs\prefcalls.js
- %APPDATA%\Mozilla\Firefox\prefs\greprefs.js
- %APPDATA%\Mozilla\Firefox\prefs\winpref.js
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- 'er###uable.com':443
- 'so###win.com':80
- so###win.com/index2.ruk
- DNS ASK er###uable.com
- DNS ASK so###win.com