Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Transaction Spooler VC Connections] 'Start' = '00000002'
- 'C:\lfcguavcnb\gjlpreqdiqfv.exe' "c:\lfcguavcnb\ingskffufd.exe"
- 'C:\lfcguavcnb\ingskffufd.exe'
- 'C:\lfcguavcnb\htfy8sh9zka3fuwsjqnr.exe'
- C:\lfcguavcnb\ingskffufd.exe
- C:\lfcguavcnb\gjlpreqdiqfv.exe
- C:\lfcguavcnb\fpmywawi
- %WINDIR%\lfcguavcnb\diqgkhsagur
- C:\lfcguavcnb\diqgkhsagur
- C:\lfcguavcnb\htfy8sh9zka3fuwsjqnr.exe
- C:\lfcguavcnb\gjlpreqdiqfv.exe
- C:\lfcguavcnb\ingskffufd.exe
- C:\lfcguavcnb\htfy8sh9zka3fuwsjqnr.exe
- %WINDIR%\lfcguavcnb\diqgkhsagur
- DNS ASK re####contain.net
- DNS ASK el####icbecame.net
- DNS ASK el####iccontain.net
- DNS ASK el####icbasket.net
- DNS ASK re####basket.net
- DNS ASK re####became.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK la###basket.net
- DNS ASK ca####nbasket.net
- DNS ASK el#####cindustry.net
- DNS ASK re####industry.net
- ClassName: 'Shell_TrayWnd' WindowName: ''