Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'PNRP Copy Defragmenter Performance' = '%APPDATA%\qrzqgykkfunlqn\gvatups.exe'
- '%APPDATA%\qrzqgykkfunlqn\gkjqguxcbtm.exe' "%APPDATA%\qrzqgykkfunlqn\gvatups.exe"
- '%APPDATA%\qrzqgykkfunlqn\gvatups.exe'
- %APPDATA%\qrzqgykkfunlqn\gvatups.n5
- %APPDATA%\qrzqgykkfunlqn\gkjqguxcbtm.exe
- %APPDATA%\qrzqgykkfunlqn\gvatups.exe
- %APPDATA%\qrzqgykkfunlqn\gkjqguxcbtm.exe
- %APPDATA%\qrzqgykkfunlqn\gvatups.exe
- DNS ASK al####ystranger.net
- DNS ASK ge#####angoodbye.net
- DNS ASK al####ygoodbye.net
- DNS ASK ge#####anstranger.net
- DNS ASK ex#####ncefortieth.net
- DNS ASK ge#####anadvance.net
- DNS ASK al####yadvance.net
- DNS ASK fo####stranger.net
- DNS ASK me####stranger.net
- DNS ASK fo####goodbye.net
- DNS ASK me####advance.net
- DNS ASK ge#####anfortieth.net
- DNS ASK al####yfortieth.net
- DNS ASK fo####advance.net
- DNS ASK fi####pecial.net
- DNS ASK pa###corner.net
- DNS ASK fi###corner.net
- DNS ASK pa####pecial.net
- DNS ASK fi###flower.net
- DNS ASK pa###minute.net
- DNS ASK fi###minute.net
- DNS ASK fr####oodbye.net
- DNS ASK ex#####ncegoodbye.net
- DNS ASK fr####ortieth.net
- DNS ASK ex#####ncestranger.net
- DNS ASK fr####dvance.net
- DNS ASK ex#####nceadvance.net
- DNS ASK fr####tranger.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'