Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run\] 'AVSoft' = '%PROGRAMDATA%\FGNBMPDKGGFF.exe\FGNBMPDKGGFF.exe'
- <SYSTEM32>\dwm.exe
- <SYSTEM32>\taskhost.exe
- iexplore.exe
- firefox.exe
- %PROGRAMDATA%\fgnbmpdkggff.exe\fgnbmpdkggff.exe
- '13#.#85.105.93':80
- '%PROGRAMDATA%\fgnbmpdkggff.exe\fgnbmpdkggff.exe'