Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Agent Publication Player Multimedia' = '%APPDATA%\wipyfpakyqjee\zgoxmvctzf.exe'
- '%APPDATA%\wipyfpakyqjee\fsqssqjbo.exe' "%APPDATA%\wipyfpakyqjee\zgoxmvctzf.exe"
- '%APPDATA%\wipyfpakyqjee\zgoxmvctzf.exe'
- %APPDATA%\wipyfpakyqjee\zgoxmvctzf.tafw
- %APPDATA%\wipyfpakyqjee\fsqssqjbo.exe
- %APPDATA%\wipyfpakyqjee\zgoxmvctzf.exe
- %APPDATA%\wipyfpakyqjee\fsqssqjbo.exe
- %APPDATA%\wipyfpakyqjee\zgoxmvctzf.exe
- 'ag####trealize.net':80
- 'do###dollar.net':80
- 'ag####tdollar.net':80
- ag####trealize.net/forum/search.php?em##############################
- do###dollar.net/forum/search.php?em##############################
- ag####tdollar.net/forum/search.php?em##############################
- DNS ASK ni####ealize.net
- DNS ASK de####realize.net
- DNS ASK ni###dollar.net
- DNS ASK de####dollar.net
- DNS ASK la####ritten.net
- DNS ASK ca####nwritten.net
- DNS ASK la###shore.net
- DNS ASK ca####nshore.net
- DNS ASK ag####trealize.net
- DNS ASK do####ealize.net
- DNS ASK ag####tdollar.net
- DNS ASK do###dollar.net
- DNS ASK ni####ritten.net
- DNS ASK de####written.net
- DNS ASK ni###shore.net
- DNS ASK de###eshore.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'