Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Klmnop Rstuvwxy Bcd] 'Start' = '00000002'
- 'C:\ProgramData\Microsoft\Gsegm\saoioc.exe' NewRunApp
- 'C:\ProgramData\Microsoft\Gsegm\saoioc.exe'
- '<SYSTEM32>\PING.EXE' -n 5 127.0.0.1
- C:\ProgramData\Microsoft\Gsegm\saoioc.exe
- '12#.#12.17.36':2015
- DNS ASK dn#.##ftncsi.com
- DNS ASK yu####20.f3322.org
- DNS ASK hy####.f3322.net
- ClassName: 'Shell_TrayWnd' WindowName: ''