Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '88E6680F1C704' = '"%ALLUSERSPROFILE%\Application Data\88E6680F1C704\88E6680F1C704.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '88E6680F1C704' = '"%ALLUSERSPROFILE%\Application Data\88E6680F1C704\88E6680F1C704.exe"'
- %HOMEPATH%\Start Menu\Programs\Startup\Explorer.lnk
- Task Manager (Taskmgr)
- Registry Editor (RegEdit)
- %ALLUSERSPROFILE%\Application Data\88E6680F1C704\88E6680F1C704.exe
- <SYSTEM32>\ipconfig.exe /flushdns && ipconfig /renew
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1400' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1601' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] '1400' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1400' = '00000000'
- %ALLUSERSPROFILE%\Application Data\88E6680F1C704\88E6680F1C704.exe
- 'localhost':1037
- 'cr####laysic.com':81
- DNS ASK cr####laysic.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Indicator' WindowName: ''