Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\PC Upgrade Session Internet WWAN Intelligent] 'Start' = '00000002'
- Центр обеспечения безопасности (Security Center)
- '%WINDIR%\lgdjnqi.exe' "%WINDIR%\smnynyxxyd.exe"
- '%WINDIR%\smnynyxxyd.exe'
- '%TEMP%\ffyw0kfuh84lqvqxyvjbztr.exe'
- '<SYSTEM32>\netsh.exe' firewall set opmode disable
- %WINDIR%\tyavpsalyslle\rng
- %WINDIR%\lgdjnqi.exe
- %WINDIR%\tyavpsalyslle\cfg
- %WINDIR%\tyavpsalyslle\run
- %TEMP%\ffyw0kfuh84lqvqxyvjbztr.exe
- %WINDIR%\tyavpsalyslle\tst
- %WINDIR%\smnynyxxyd.exe
- %WINDIR%\tyavpsalyslle\etc
- %WINDIR%\lgdjnqi.exe
- %WINDIR%\smnynyxxyd.exe
- %TEMP%\ffyw0kfuh84lqvqxyvjbztr.exe
- <DRIVERS>\etc\hosts
- DNS ASK so###blood.net