Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Computer Power KtmRm Helper Copy Adaptive' = '%APPDATA%\vazpeihiwmwcspj\doeoggsgzzi.exe'
- '%APPDATA%\vazpeihiwmwcspj\qbrxdepynuh.exe' "%APPDATA%\vazpeihiwmwcspj\doeoggsgzzi.exe"
- '%APPDATA%\vazpeihiwmwcspj\doeoggsgzzi.exe'
- %APPDATA%\vazpeihiwmwcspj\doeoggsgzzi.uctr
- %APPDATA%\vazpeihiwmwcspj\qbrxdepynuh.exe
- %APPDATA%\vazpeihiwmwcspj\doeoggsgzzi.exe
- %APPDATA%\vazpeihiwmwcspj\qbrxdepynuh.exe
- %APPDATA%\vazpeihiwmwcspj\doeoggsgzzi.exe
- 're####etravel.net':80
- 'or###travel.net':80
- 're####espace.net':80
- re####etravel.net/forum/search.php?em##################################
- or###travel.net/forum/search.php?em##################################
- re####espace.net/forum/search.php?em##################################
- DNS ASK le####travel.net
- DNS ASK he###nspace.net
- DNS ASK le###rspace.net
- DNS ASK he####travel.net
- DNS ASK le###rclose.net
- DNS ASK he####yellow.net
- DNS ASK le####yellow.net
- DNS ASK re####etravel.net
- DNS ASK or###travel.net
- DNS ASK re####espace.net
- DNS ASK or###yellow.net
- DNS ASK re####eclose.net
- DNS ASK or###close.net
- DNS ASK re####eyellow.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'