Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\NetBIOS DCOM Builder Detection Installer Removal] 'Start' = '00000002'
- 'C:\jvhuzviurvoylbc\ofsxhlvag.exe' "c:\jvhuzviurvoylbc\qndzrtty.exe"
- 'C:\jvhuzviurvoylbc\qndzrtty.exe'
- 'C:\jvhuzviurvoylbc\ydrth8cxegnnow6h4ljq.exe'
- C:\jvhuzviurvoylbc\qndzrtty.exe
- C:\jvhuzviurvoylbc\ofsxhlvag.exe
- C:\jvhuzviurvoylbc\edba2o
- %WINDIR%\jvhuzviurvoylbc\inhzj7gayvt
- C:\jvhuzviurvoylbc\inhzj7gayvt
- C:\jvhuzviurvoylbc\ydrth8cxegnnow6h4ljq.exe
- C:\jvhuzviurvoylbc\ofsxhlvag.exe
- C:\jvhuzviurvoylbc\qndzrtty.exe
- C:\jvhuzviurvoylbc\ydrth8cxegnnow6h4ljq.exe
- %WINDIR%\jvhuzviurvoylbc\inhzj7gayvt
- DNS ASK wo###school.net
- DNS ASK in#####etherefore.net
- DNS ASK re####erschool.net
- DNS ASK re####erwhile.net
- DNS ASK wo###while.net
- DNS ASK fo####therefore.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK fo###twhile.net
- DNS ASK in####sewhile.net
- DNS ASK in#####equestion.net
- DNS ASK fo####question.net
- ClassName: 'Shell_TrayWnd' WindowName: ''