Техническая информация
- %WINDIR%\explorer.exe
- <SYSTEM32>\rundll32.exe %TEMP%\Pm8Dv7xf.dll, CdapiInit QuickAuthenticationNotifier
- <SYSTEM32>\rundll32.exe %TEMP%\B3NdHMk8.dll,DllUnregisterServer install
- %TEMP%\gHJMdGPZ
- %TEMP%\Pm8Dv7xf.dll
- %TEMP%\nsi2.tmp\SelfDel.dll
- %TEMP%\B3NdHMk8.dll
- %TEMP%\nsi2.tmp\GetVersion.dll
- %TEMP%\nsi2.tmp\System.dll
- %TEMP%\nsi2.tmp\inetc.dll
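- %TEMP%\nsi2.tmp\SelfDel.dll (с этой строки повторяются пути из списка выше; заголовки подразделов в тексте не сохранились — вероятно, это отдельный перечень, например удаляемых файлов)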
- %TEMP%\nsi2.tmp\System.dll
- %TEMP%\nsi2.tmp\GetVersion.dll
- %TEMP%\nsi2.tmp\inetc.dll
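- 'sc####.gogytt.tk':80 (символы «####» — по-видимому, часть имени узла, скрытая в исходном отчёте; это не буквальное имя хоста, поэтому при поиске в журналах DNS и прокси ориентируйтесь на домен gogytt.tk)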
- sc####.gogytt.tk/79vyj6n8fHiroQs6WBtySxUygJpeiq9qqDb+VgWADUtqNG7EGaVLE8mg
- sc####.gogytt.tk/bwV3v2tkvVmyS66tKyk4bh1lAu8Gk7D9j0uEvN4tvWcwQmGsyTLlkk+73QHzZyzxtH49aprOvVQcqqZoWGNhbs445mtkGj+eOFUwnh2+gxY=
- sc####.gogytt.tk/M3Gqkt8fVUwE4IPGv2YUlVAZh+MleTnRO95cF9NsE9DxjiGGxsXiSYfbhoQnI4nSXAQgeG8k/OU8tm8V
- DNS ASK sc####.gogytt.tk
- '<IP-адрес в локальной сети>':1033
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''