Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows' = '%TEMP%\taskhost.exe'
- %TEMP%\taskhost.exe
- <SYSTEM32>\taskkill.exe /f /im TeaTimer.exe
- <SYSTEM32>\taskkill.exe /f /im mbamgui.exe
- %TEMP%\taskhost.exe
- %TEMP%\dir
- 'je####lo.no-ip.biz':8080
- DNS ASK je####lo.no-ip.biz
- ClassName: '' WindowName: ''