Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Font Store Enumerator Fax Certificate Power] 'Start' = '00000002'
- 'C:\nvsinshigacv\qfiagzyjqa.exe' "c:\nvsinshigacv\suooqdfprt.exe"
- 'C:\nvsinshigacv\suooqdfprt.exe'
- 'C:\nvsinshigacv\ou7zzkmfeeyfree6.exe'
- C:\nvsinshigacv\suooqdfprt.exe
- C:\nvsinshigacv\qfiagzyjqa.exe
- C:\nvsinshigacv\bsuucpisv
- %WINDIR%\nvsinshigacv\irirdt7
- C:\nvsinshigacv\irirdt7
- C:\nvsinshigacv\ou7zzkmfeeyfree6.exe
- C:\nvsinshigacv\qfiagzyjqa.exe
- C:\nvsinshigacv\suooqdfprt.exe
- C:\nvsinshigacv\ou7zzkmfeeyfree6.exe
- %WINDIR%\nvsinshigacv\irirdt7
- DNS ASK fo####discover.net
- DNS ASK in####sewonder.net
- DNS ASK in#####ediscover.net
- DNS ASK re#####rcontinue.net
- DNS ASK wo####ontinue.net
- DNS ASK fo####wonder.net
- DNS ASK in#####econtinue.net
- DNS ASK fo####continue.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK in####semaster.net
- DNS ASK fo####master.net
- ClassName: 'Shell_TrayWnd' WindowName: ''