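Техническая информация
Примечание: подзаголовки групп на странице отсутствуют, поэтому для списков путей к файлам по самой странице нельзя определить, какая операция (создание, удаление, запуск) к ним относится. Первые две записи — изменения реестра: значение в ключе Run обеспечивает автозапуск исполняемого файла, а 'Start' = 2 у службы соответствует автоматическому запуску при загрузке системы. Доменные имена частично замаскированы символами «####» и в таком виде не подходят для точного сопоставления в правилах обнаружения и списках блокировки.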
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Brightness Upgrade ActiveX WinHTTP Sharing' = 'C:\urtqmqwuhccid\nvsejdtpi.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Net.Tcp Drive Web Plug Event Office Quality] 'Start' = '00000002'
- 'C:\urtqmqwuhccid\upkpquio.exe' "c:\urtqmqwuhccid\nvsejdtpi.exe"
- 'C:\urtqmqwuhccid\nvsejdtpi.exe'
- 'C:\urtqmqwuhccid\jjlx4p1xdkkbavitof9f.exe'
- C:\urtqmqwuhccid\nvsejdtpi.exe
- C:\urtqmqwuhccid\upkpquio.exe
- C:\urtqmqwuhccid\jjlx4p1xdkkbavitof9f.exe
- %WINDIR%\urtqmqwuhccid\hssgwe
- C:\urtqmqwuhccid\hssgwe
- C:\urtqmqwuhccid\upkpquio.exe
- C:\urtqmqwuhccid\nvsejdtpi.exe
- C:\urtqmqwuhccid\jjlx4p1xdkkbavitof9f.exe
- %WINDIR%\urtqmqwuhccid\hssgwe
- 'pr####eenough.net':80
- 'de####needle.net':80
- 'pr####egovern.net':80
- 'de####enough.net':80
- 'pr####enature.net':80
- 're####govern.net':80
- 'pr####eneedle.net':80
- 'de####nature.net':80
- http://pr####eenough.net/index.php
- http://de####needle.net/index.php
- http://pr####egovern.net/index.php
- http://de####enough.net/index.php
- http://pr####enature.net/index.php
- http://re####govern.net/index.php
- http://pr####eneedle.net/index.php
- http://de####nature.net/index.php
- DNS ASK de####enough.net
- DNS ASK pr####eenough.net
- DNS ASK de####govern.net
- DNS ASK pr####egovern.net
- DNS ASK de####needle.net
- DNS ASK pr####enature.net
- DNS ASK re####govern.net
- DNS ASK pr####eneedle.net
- DNS ASK de####nature.net
- ClassName: 'Shell_TrayWnd' WindowName: ''