Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Font Secure Bluetooth RPC Extensible] 'Start' = '00000002'
- 'C:\ydgyogvowlppto\zcyeoddvgb.exe' "c:\ydgyogvowlppto\pbthzokkgb.exe"
- 'C:\ydgyogvowlppto\pbthzokkgb.exe'
- C:\ydgyogvowlppto\zcyeoddvgb.exe
- C:\ydgyogvowlppto\iezgqeb1nbtg
- C:\ydgyogvowlppto\pbthzokkgb.exe
- %WINDIR%\ydgyogvowlppto\cx34ngr
- C:\ydgyogvowlppto\cx34ngr
- C:\ydgyogvowlppto\zcyeoddvgb.exe
- C:\ydgyogvowlppto\pbthzokkgb.exe
- %WINDIR%\ydgyogvowlppto\cx34ngr
- DNS ASK ga####include.net
- DNS ASK be####include.net
- DNS ASK be###rnorth.net
- DNS ASK fl###clear.net
- DNS ASK ga###rnorth.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK be###rclear.net
- DNS ASK ga###rclear.net
- DNS ASK ga####general.net
- DNS ASK be####general.net
- ClassName: 'Shell_TrayWnd' WindowName: ''