Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'Explorer.exe "<SYSTEM32>\dllcache\svchost.exe"'
- <SYSTEM32>\dllcache\svchost.exe
- '<SYSTEM32>\dllcache\svchost.exe'
- 'sm##.gmail.com':465
- 'ce###c-r.info':80
- ce###c-r.info/ip.php
- DNS ASK sm##.gmail.com
- DNS ASK ce###c-r.info