Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Publication Offline Alerts Driver Propagation' = '%APPDATA%\Roaming\tcosslfmxceoh\wsqfofceo.exe'
- '%APPDATA%\Roaming\tcosslfmxceoh\hxbpvgrawaj.exe' "%APPDATA%\Roaming\tcosslfmxceoh\wsqfofceo.exe"
- '%APPDATA%\Roaming\tcosslfmxceoh\wsqfofceo.exe'
- %APPDATA%\Roaming\tcosslfmxceoh\wsqfofceo.ghh
- %APPDATA%\Roaming\tcosslfmxceoh\hxbpvgrawaj.exe
- %APPDATA%\Roaming\tcosslfmxceoh\wsqfofceo.exe
- %APPDATA%\Roaming\tcosslfmxceoh\wsqfofceo.exe
- DNS ASK wa###silver.net
- DNS ASK th####tsilver.net
- DNS ASK th####tsister.net
- DNS ASK th####tvalley.net
- DNS ASK wa###sister.net
- DNS ASK cr###valley.net
- DNS ASK su####valley.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK cr###labor.net
- DNS ASK su###rlabor.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''