Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Block Manager Provider User AuthIP Detection Trap] 'Start' = '00000002'
- 'C:\qipgkeoa\jczxkcc.exe' "c:\qipgkeoa\vswggcxnjz.exe"
- 'C:\qipgkeoa\vswggcxnjz.exe'
- 'C:\qipgkeoa\xwbi8t0cdqwilvvuj.exe'
- C:\qipgkeoa\vswggcxnjz.exe
- C:\qipgkeoa\jczxkcc.exe
- C:\qipgkeoa\iwpij2p
- %WINDIR%\qipgkeoa\snkbwk8t5qv
- C:\qipgkeoa\snkbwk8t5qv
- C:\qipgkeoa\xwbi8t0cdqwilvvuj.exe
- C:\qipgkeoa\jczxkcc.exe
- C:\qipgkeoa\vswggcxnjz.exe
- C:\qipgkeoa\xwbi8t0cdqwilvvuj.exe
- %WINDIR%\qipgkeoa\snkbwk8t5qv
- DNS ASK an###rfence.net
- DNS ASK gl###guard.net
- DNS ASK gl###fence.net
- DNS ASK he####irplane.net
- DNS ASK di#####ltairplane.net
- DNS ASK an###rguard.net
- DNS ASK gl####irplane.net
- DNS ASK an####airplane.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK gl####traight.net
- DNS ASK an####straight.net
- ClassName: 'Shell_TrayWnd' WindowName: ''