Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'mstessrv' = '<LS_APPDATA>\insrvc.exe'
- <LS_APPDATA>\insrvc.exe
- <SYSTEM32>\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v mstessrv /d "<LS_APPDATA>\insrvc.exe"
- <LS_APPDATA>\insrvc.exe
- %TEMP%\TMP110811
- <LS_APPDATA>\insrvc.exe
- %TEMP%\TMP110811
- 'td#####es.freeddns.com':443
- '61.##0.228.138':80
- '61.##0.228.138':443
- 'mi#######office.3utilities.com':80
- 'mi#######office.3utilities.com':443
- 'td#####es.freeddns.com':80
- DNS ASK td#####es.freeddns.com
- DNS ASK mi#######office.3utilities.com
- ClassName: 'Indicator' WindowName: ''