Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Adaptive Keying Logon Player Builder Browser] 'Start' = '00000002'
- 'C:\kbkpkedntyuow\ysuwqjnqqlev.exe' "c:\kbkpkedntyuow\dpuguykifj.exe"
- 'C:\kbkpkedntyuow\dpuguykifj.exe'
- 'C:\kbkpkedntyuow\probw8bp7oqdozg9fkcj.exe'
- '<SYSTEM32>\wermgr.exe' "-queuereporting_svc" "C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_dpuguykifj.exe_898978eded13a84602b2181407323e8aaae85d_cab_1ad63755"
- C:\kbkpkedntyuow\dpuguykifj.exe
- C:\kbkpkedntyuow\ysuwqjnqqlev.exe
- C:\kbkpkedntyuow\khrxij
- %WINDIR%\kbkpkedntyuow\vzunprze
- C:\kbkpkedntyuow\vzunprze
- C:\kbkpkedntyuow\probw8bp7oqdozg9fkcj.exe
- C:\kbkpkedntyuow\ysuwqjnqqlev.exe
- C:\kbkpkedntyuow\dpuguykifj.exe
- C:\kbkpkedntyuow\probw8bp7oqdozg9fkcj.exe
- %WINDIR%\kbkpkedntyuow\vzunprze
- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_dpuguykifj.exe_898978eded13a84602b2181407323e8aaae85d_cab_1ad63755\Report.wer.tmp в C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_dpuguykifj.exe_898978eded13a84602b2181407323e8aaae85d_cab_1ad63755\Report.wer
- DNS ASK fo####president.net
- DNS ASK in####setrouble.net
- DNS ASK in#####epresident.net
- DNS ASK in####secaught.net
- DNS ASK fo####caught.net
- DNS ASK fo####strong.net
- DNS ASK th####hcaught.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK fo####trouble.net
- DNS ASK in####sestrong.net
- ClassName: 'Shell_TrayWnd' WindowName: ''