Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Startup' = '%APPDATA%\Roaming\Microsoft\explore.exe'
- '%APPDATA%\Roaming\Microsoft\explore.exe'
- '<SYSTEM32>\wermgr.exe' -queuereporting
- %APPDATA%\Roaming\Microsoft\explore.exe
- %TEMP%\aut7389.tmp
- %TEMP%\m149254.png
- %APPDATA%\Roaming\Microsoft\explore.exe
- %TEMP%\aut7389.tmp
- 'db#.#o-ip.info':3086
- '25#.#55.255.255':3086
- DNS ASK dn#.##ftncsi.com
- DNS ASK db#.#o-ip.info
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'