Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Link-Layer Input Reporting] 'Start' = '00000002'
- 'C:\bxgiivwvrt\ghjlmcfxmddp.exe' "c:\bxgiivwvrt\wwlvrcckg.exe"
- 'C:\bxgiivwvrt\wwlvrcckg.exe'
- 'C:\bxgiivwvrt\entx7xiawysqdthnden.exe'
- C:\bxgiivwvrt\wwlvrcckg.exe
- C:\bxgiivwvrt\ghjlmcfxmddp.exe
- C:\bxgiivwvrt\n58hqdtgci
- %WINDIR%\bxgiivwvrt\u4twsbj7d6zt
- C:\bxgiivwvrt\u4twsbj7d6zt
- C:\bxgiivwvrt\entx7xiawysqdthnden.exe
- C:\bxgiivwvrt\ghjlmcfxmddp.exe
- C:\bxgiivwvrt\wwlvrcckg.exe
- C:\bxgiivwvrt\entx7xiawysqdthnden.exe
- %WINDIR%\bxgiivwvrt\u4twsbj7d6zt
- DNS ASK pl####ntdevice.net
- DNS ASK ne#####rylanguage.net
- DNS ASK ne####arydevice.net
- DNS ASK ne####arybefore.net
- DNS ASK pl####ntbefore.net
- DNS ASK pl#####tlanguage.net
- DNS ASK he###before.net
- DNS ASK di####ultbefore.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK ne####arysettle.net
- DNS ASK pl####ntsettle.net
- ClassName: 'Shell_TrayWnd' WindowName: ''