Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Information Publication Shell] 'Start' = '00000002'
- 'C:\fwqupfug\ykjwslorkrdb.exe' "c:\fwqupfug\bqgwhxu.exe"
- 'C:\fwqupfug\bqgwhxu.exe'
- 'C:\fwqupfug\xlwkv8bqxqrcbcihfsm.exe'
- C:\fwqupfug\bqgwhxu.exe
- C:\fwqupfug\ykjwslorkrdb.exe
- C:\fwqupfug\thjazxsfgzw
- %WINDIR%\fwqupfug\vlsojp8
- C:\fwqupfug\vlsojp8
- C:\fwqupfug\xlwkv8bqxqrcbcihfsm.exe
- C:\fwqupfug\ykjwslorkrdb.exe
- C:\fwqupfug\bqgwhxu.exe
- C:\fwqupfug\xlwkv8bqxqrcbcihfsm.exe
- %WINDIR%\fwqupfug\vlsojp8
- DNS ASK ch###spring.net
- DNS ASK th###found.net
- DNS ASK th###spring.net
- DNS ASK th####uccess.net
- DNS ASK ch####uccess.net
- DNS ASK ri####banker.net
- DNS ASK be####success.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK ch###found.net
- DNS ASK be####banker.net
- ClassName: 'Shell_TrayWnd' WindowName: ''