Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Connection Provider Class IKE] 'Start' = '00000002'
- 'C:\sviviiyddiaqbng\wajyedwgj.exe' "c:\sviviiyddiaqbng\jwntmpasnxd.exe"
- 'C:\sviviiyddiaqbng\jwntmpasnxd.exe'
- 'C:\sviviiyddiaqbng\jq7lc7nyogzlcnzw.exe'
- C:\sviviiyddiaqbng\jwntmpasnxd.exe
- C:\sviviiyddiaqbng\wajyedwgj.exe
- C:\sviviiyddiaqbng\sshlkgqdp
- %WINDIR%\sviviiyddiaqbng\xhnkr0baw3ho
- C:\sviviiyddiaqbng\xhnkr0baw3ho
- C:\sviviiyddiaqbng\jq7lc7nyogzlcnzw.exe
- C:\sviviiyddiaqbng\wajyedwgj.exe
- C:\sviviiyddiaqbng\jwntmpasnxd.exe
- C:\sviviiyddiaqbng\jq7lc7nyogzlcnzw.exe
- %WINDIR%\sviviiyddiaqbng\xhnkr0baw3ho
- DNS ASK va####slanguage.net
- DNS ASK re####settle.net
- DNS ASK re####language.net
- DNS ASK re####device.net
- DNS ASK va####sdevice.net
- DNS ASK va####ssettle.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK he###device.net
- DNS ASK ge####device.net
- DNS ASK ge####before.net
- DNS ASK he###before.net
- ClassName: 'Shell_TrayWnd' WindowName: ''