Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Superfetch Secondary Provider Plug Experience] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Superfetch Secondary Provider Plug Experience] 'ImagePath' = 'C:\dkqtheyclqzwa\oirvaqbo.exe'
- %WINDIR%\dkqtheyclqzwa\zh4dgnygmi
- C:\dkqtheyclqzwa\zh4dgnygmi
- C:\dkqtheyclqzwa\wpms61ufvnmthmsvu6.exe
- C:\dkqtheyclqzwa\oirvaqbo.exe
- C:\dkqtheyclqzwa\jmxpafpw.exe
- C:\dkqtheyclqzwa\oirvaqbo.exe
- C:\dkqtheyclqzwa\jmxpafpw.exe
- %WINDIR%\dkqtheyclqzwa\zh4dgnygmi
- C:\dkqtheyclqzwa\wpms61ufvnmthmsvu6.exe
- %WINDIR%\dkqtheyclqzwa\zh4dgnygmi
- DNS ASK wi####demand.net
- DNS ASK pe####sshout.net
- DNS ASK wi###wshout.net
- DNS ASK wi###rbring.net
- DNS ASK su####tbring.net
- DNS ASK wi####listen.net
- DNS ASK su####tlisten.net
- 'C:\dkqtheyclqzwa\wpms61ufvnmthmsvu6.exe'
- 'C:\dkqtheyclqzwa\oirvaqbo.exe'
- 'C:\dkqtheyclqzwa\jmxpafpw.exe' "c:\dkqtheyclqzwa\oirvaqbo.exe"