Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'LoadAppInit_DLLs' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\services\5764d77a] 'Start' = '00000002'
- '<SYSTEM32>\rundll32.exe' "%PROGRAM_FILES%\RelayDefender\RelayDefender.dll",serv
- '<SYSTEM32>\rundll32.exe' "%PROGRAM_FILES%\RelayDefender\RelayDefender.dll",serv -install
- %PROGRAM_FILES%\RelayDefender\RelayDefender.dll
- %TEMP%\tf0a1238a2.dll
- DNS ASK te###ne.info
- DNS ASK te##ine.net
- DNS ASK ti##.nist.gov
- DNS ASK www.bb#.com
- DNS ASK dn#.##ftncsi.com
- ClassName: 'Shell_TrayWnd' WindowName: ''