Техническая информация
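- Автозапуск (раздел Run в реестре текущего пользователя, срабатывает при входе в систему):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Rundll.exe internacional' = '%ALLUSERSPROFILE%\Application Data\PoMobile\Rundll.exe'
- Примечание: имя файла Rundll.exe похоже на системную утилиту rundll32.exe, но файл находится в каталоге Application Data\PoMobile, а не в %WINDIR%\System32; при проверке автозапуска следует сверять полный путь, а не только имя файла.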
- '%ALLUSERSPROFILE%\Application Data\PoMobile\Rundll.exe'
- '%ProgramFiles%\Messenger\msmsgs.exe' -Embedding
- %WINDIR%\Explorer.EXE
- %ALLUSERSPROFILE%\Application Data\PoMobile\Rundll.exe
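- Подключения к узлам (порт 80; символы # в именах узлов — маскировка, сохранённая как в источнике):
- 'www.va####cipiante.it':80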
- 'www.tr#####of-rathjen.de':80
- 'www.fo#####-system.com.ar':80
- 'www.vi##bri.com':80
- 'www.wa##aki.pl':80
- 'www.sp##rof.com':80
- 'www.sc####t-reisen.de':80
- Запрашиваемые HTTP-адреса:
- http://www.fo#####-system.com.ar/img/mamo/ativado.php
- http://www.vi##bri.com/francais/phototheques_slide/mxsn.php
- http://www.va####cipiante.it//plant-nursery-content/images/lang/mxsn.php
- http://www.tr#####of-rathjen.de/mxsn.php
- http://www.wa##aki.pl/relacje/mxts.php
- http://www.sp##rof.com/mxts.php
- http://www.sc####t-reisen.de/mxts.php
- DNS-запросы (те же семь узлов, что и в списке подключений):
- DNS ASK www.va####cipiante.it
- DNS ASK www.tr#####of-rathjen.de
- DNS ASK www.fo#####-system.com.ar
- DNS ASK www.vi##bri.com
- DNS ASK www.wa##aki.pl
- DNS ASK www.sp##rof.com
- DNS ASK www.sc####t-reisen.de
- ClassName: '' WindowName: ''
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Chrome_WidgetWin_0' WindowName: ''
- ClassName: 'Indicator' WindowName: ''