Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Process Encryption Disk DNS Driver] 'Start' = '00000002'
- 'C:\fvbbwsgpzap\jzjzyputuc.exe' "c:\fvbbwsgpzap\gtazlfckyrn.exe"
- 'C:\fvbbwsgpzap\gtazlfckyrn.exe'
- 'C:\fvbbwsgpzap\ndey8cdgvjyrgrtgmm.exe'
- C:\fvbbwsgpzap\gtazlfckyrn.exe
- C:\fvbbwsgpzap\jzjzyputuc.exe
- C:\fvbbwsgpzap\mysvfn
- %WINDIR%\fvbbwsgpzap\szzhntwf
- C:\fvbbwsgpzap\szzhntwf
- C:\fvbbwsgpzap\ndey8cdgvjyrgrtgmm.exe
- C:\fvbbwsgpzap\jzjzyputuc.exe
- C:\fvbbwsgpzap\gtazlfckyrn.exe
- C:\fvbbwsgpzap\ndey8cdgvjyrgrtgmm.exe
- %WINDIR%\fvbbwsgpzap\szzhntwf
- DNS ASK co####efriend.net
- DNS ASK ch###friend.net
- DNS ASK of####aughter.net
- DNS ASK of###fancy.net
- DNS ASK al####aughter.net
- DNS ASK co####econsider.net
- DNS ASK ch###fancy.net
- DNS ASK co####elaughter.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK ch####onsider.net
- DNS ASK co####efancy.net
- ClassName: 'Shell_TrayWnd' WindowName: ''