Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ForceOP' = '%APPDATA%\Update\ForceOP.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\f6HLH4jk7N3QKwm85hhpSvSUQtUHB.exe
- '%APPDATA%\Update\ForceOP.exe'
- '%TEMP%\5087\5087.exe'
- [<HKCU>\Software\Paltalk]
- %APPDATA%\Update\ForceOP.exe
- %TEMP%\melt.Tmp
- %TEMP%\5087\5087.exe
- %TEMP%\aut1.tmp
- %TEMP%\weceeyc
- %TEMP%\5087\5087.exe
- %APPDATA%\Update\ForceOP.exe
- %TEMP%\aut1.tmp
- %TEMP%\weceeyc
- 'a1###.no-ip.biz':1604
- DNS ASK a1###.no-ip.biz
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_traywnd' WindowName: ''