Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'winser' = ''
- '%ALLUSERSPROFILE%\Application Data\taskmgr.exe'
- %ALLUSERSPROFILE%\Application Data\taskmgr.exe
- '12#.#0.9.121':443
- '12#.#0.9.121':80
- 'tr###.#icrosoftmse.com':443
- 'tr###.#icrosoftmse.com':80
- 12#.#0.9.121/list.php?id##################
- tr###.#icrosoftmse.com/list.php?id##################
- DNS ASK tr###.#icrosoftmse.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'