Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Remote Human Application Locator] 'Start' = '00000002'
- 'C:\dqihpihpuvosxv\nuiqevcvh.exe' "c:\dqihpihpuvosxv\zycgcmxlmd.exe"
- 'C:\dqihpihpuvosxv\zycgcmxlmd.exe'
- 'C:\dqihpihpuvosxv\zk7xodjxazqifl7.exe'
- C:\dqihpihpuvosxv\zycgcmxlmd.exe
- C:\dqihpihpuvosxv\nuiqevcvh.exe
- C:\dqihpihpuvosxv\zf7esybb
- %WINDIR%\dqihpihpuvosxv\s1clhynh1y6e
- C:\dqihpihpuvosxv\s1clhynh1y6e
- C:\dqihpihpuvosxv\zk7xodjxazqifl7.exe
- C:\dqihpihpuvosxv\nuiqevcvh.exe
- C:\dqihpihpuvosxv\zycgcmxlmd.exe
- C:\dqihpihpuvosxv\zk7xodjxazqifl7.exe
- %WINDIR%\dqihpihpuvosxv\s1clhynh1y6e
- DNS ASK pr####tneither.net
- DNS ASK th####either.net
- DNS ASK th###system.net
- DNS ASK th###trust.net
- DNS ASK pr####tsystem.net
- DNS ASK pr####thonor.net
- DNS ASK th####uarter.net
- DNS ASK cl####eceive.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK th###honor.net
- DNS ASK cl####uarter.net
- ClassName: 'Shell_TrayWnd' WindowName: ''