Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'winePpPD' = '<SYSTEM32>\winePpPD.exe'
- <SYSTEM32>\winePpPD.exe
- <SYSTEM32>\winePpPD.exe
- 'in##.#onsamo.com':80
- in##.#onsamo.com/061120/update/update.info
- in##.#onsamo.com/061120/Web/Initial.asp
- in##.#onsamo.com/061120/Web/InsAdd.asp
- DNS ASK in##.#onsamo.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''