Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Office Connections Level CNG Function ActiveX' = '%APPDATA%\npvwqoqgao\xmmcpfftr.exe'
- '%APPDATA%\npvwqoqgao\vjosiqyzjmn.exe' "%APPDATA%\npvwqoqgao\xmmcpfftr.exe"
- '%APPDATA%\npvwqoqgao\xmmcpfftr.exe'
- %APPDATA%\npvwqoqgao\xmmcpfftr.vuv
- %APPDATA%\npvwqoqgao\vjosiqyzjmn.exe
- %APPDATA%\npvwqoqgao\xmmcpfftr.exe
- %APPDATA%\npvwqoqgao\xmmcpfftr.exe
- 're###dshout.net':80
- 'el####icshout.net':80
- 'el####icdemand.net':80
- 'el####iclisten.net':80
- 're####demand.net':80
- re###dshout.net/index.php?em####################################
- el####icshout.net/index.php?em####################################
- el####icdemand.net/index.php?em####################################
- el####iclisten.net/index.php?em####################################
- re####demand.net/index.php?em####################################
- DNS ASK re###dshout.net
- DNS ASK el####icshout.net
- DNS ASK el####icdemand.net
- DNS ASK el####iclisten.net
- DNS ASK re####demand.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''