Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'taskrmsg' = '<SYSTEM32>\taskrmsg.exe /run'
- <SYSTEM32>\taskrmsg.exe
- <SYSTEM32>\taskrmsg.exe
- %TEMP%\nsv2.tmp\FindProcDLL.dll
- %TEMP%\nsv2.tmp\FindProcDLL.dll
- 'ok###ent.co.kr':80
- DNS ASK ok###ent.co.kr
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Daumcleaner' WindowName: ''