Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Upgrade Accounts Network Input Link-Layer Source] 'Start' = '00000002'
- 'C:\sgvquxjztoptrq\bncenlrcd.exe' "c:\sgvquxjztoptrq\bkaqesq.exe"
- 'C:\sgvquxjztoptrq\bkaqesq.exe'
- 'C:\sgvquxjztoptrq\mh6uzmgkspy6cokj.exe'
- C:\sgvquxjztoptrq\bkaqesq.exe
- C:\sgvquxjztoptrq\bncenlrcd.exe
- C:\sgvquxjztoptrq\vnhncjmqzkuj
- %WINDIR%\sgvquxjztoptrq\ndfynij
- C:\sgvquxjztoptrq\ndfynij
- C:\sgvquxjztoptrq\mh6uzmgkspy6cokj.exe
- C:\sgvquxjztoptrq\bncenlrcd.exe
- C:\sgvquxjztoptrq\bkaqesq.exe
- C:\sgvquxjztoptrq\mh6uzmgkspy6cokj.exe
- %WINDIR%\sgvquxjztoptrq\ndfynij
- DNS ASK ch####enadvance.net
- DNS ASK ci#####tefortieth.net
- DNS ASK fa####advance.net
- DNS ASK fa####stranger.net
- DNS ASK ch#####nstranger.net
- DNS ASK pi####efortieth.net
- DNS ASK ci#####testranger.net
- DNS ASK pi####estranger.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK ci#####tegoodbye.net
- DNS ASK pi####egoodbye.net
- ClassName: 'Shell_TrayWnd' WindowName: ''