Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Helper Engine Transfer Audio IPsec' = '<LS_APPDATA>\dvwagzypdbc.exe'
- '<LS_APPDATA>\whqquwbidqlv.exe' "<LS_APPDATA>\dvwagzypdbc.exe"
- '<LS_APPDATA>\dvwagzypdbc.exe'
- '%TEMP%\j7l6iw810egmmdrwljuue.exe'
- <LS_APPDATA>\dpbkoyhvoxpky\rng
- <LS_APPDATA>\whqquwbidqlv.exe
- <LS_APPDATA>\dpbkoyhvoxpky\run
- <LS_APPDATA>\dpbkoyhvoxpky\por
- <LS_APPDATA>\dpbkoyhvoxpky\cfg
- %TEMP%\j7l6iw810egmmdrwljuue.exe
- <LS_APPDATA>\dpbkoyhvoxpky\tst
- <LS_APPDATA>\dpbkoyhvoxpky\etc
- %APPDATA%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dvwagzypdbc.exe
- <LS_APPDATA>\dvwagzypdbc.exe
- <LS_APPDATA>\whqquwbidqlv.exe
- <LS_APPDATA>\dvwagzypdbc.exe
- %TEMP%\j7l6iw810egmmdrwljuue.exe
- DNS ASK ja###uter.com
- DNS ASK go#####everytime.com
- DNS ASK si###unt.net
- DNS ASK si###cene.net
- DNS ASK ro###cene.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK ga########all-talk-community.com
- DNS ASK sp###aguga.com
- DNS ASK el#####arimagine.com
- DNS ASK do####club-grup.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''