Техническая информация
- '<SYSTEM32>\wermgr.exe' "-queuereporting_svc" "C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_ba3fc7332186a42f86dff4117a1523887c3534_cab_07220c6e"
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\Црaaa.ini
- %TEMP%\Memory389893.res
- %TEMP%\lazycommon.dll
- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_ba3fc7332186a42f86dff4117a1523887c3534_cab_07220c6e\Report.wer.tmp в C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_ba3fc7332186a42f86dff4117a1523887c3534_cab_07220c6e\Report.wer
- '11#.#24.23.7':80
- http://11#.#24.23.7/lm198907/Api/LoginOut.aspx?to####
- http://11#.#24.23.7/lm198907/Api/GetBulletin.aspx?pr############
- DNS ASK dn#.##ftncsi.com
- DNS ASK b.###ne.qq.com
- ClassName: 'Shell_TrayWnd' WindowName: ''