Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Alerter' = '%WINDIR%\Alerter.exe'
- %WINDIR%\Alerter.exe
- C:\ДЪґжКН·Е.exe
- C:\MemEmpty.exe
- <SYSTEM32>\regsvr32.exe COMCTL32.OCX /s
- %WINDIR%\Alerter.exe
- <SYSTEM32>\COMCTL32.OCX
- C:\MemEmpty.exe
- C:\ДЪґжКН·Е.exe
- 'yi####771.3322.org':80
- DNS ASK yi####771.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''