Техническая информация
- '%APPDATA%\Roaming\Install\Host.exe'
- '%WINDIR%\explorer.exe' /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
- '%WINDIR%\explorer.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe'
- %WINDIR%\explorer.exe
- %APPDATA%\Roaming\Install\Host.exe
- <Полный путь к вирусу>
- %APPDATA%\Roaming\Install\Host.exe
- DNS ASK dn#.##ftncsi.com
- DNS ASK re#####ory.certum.pl
- DNS ASK ct###.#indowsupdate.com
- ClassName: 'Shell_TrayWnd' WindowName: ''