Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Link-Layer Device Initiator Connections] 'Start' = '00000002'
- 'C:\hmivadxlyr\latsqeybw.exe' "c:\hmivadxlyr\gbqfpjm.exe"
- 'C:\hmivadxlyr\gbqfpjm.exe'
- 'C:\hmivadxlyr\fmm8qktp9qukrybakf.exe'
- '<SYSTEM32>\wermgr.exe' "-queuereporting_svc" "C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_gbqfpjm.exe_4f46f6651ba585364546cc0a45691974cb7fd38_cab_1a46845b"
- C:\hmivadxlyr\gbqfpjm.exe
- C:\hmivadxlyr\latsqeybw.exe
- C:\hmivadxlyr\wnmsjbpxbh
- %WINDIR%\hmivadxlyr\qegoqmab4
- C:\hmivadxlyr\qegoqmab4
- C:\hmivadxlyr\fmm8qktp9qukrybakf.exe
- C:\hmivadxlyr\latsqeybw.exe
- C:\hmivadxlyr\gbqfpjm.exe
- C:\hmivadxlyr\fmm8qktp9qukrybakf.exe
- %WINDIR%\hmivadxlyr\qegoqmab4
- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_gbqfpjm.exe_4f46f6651ba585364546cc0a45691974cb7fd38_cab_1a46845b\Report.wer.tmp в C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_gbqfpjm.exe_4f46f6651ba585364546cc0a45691974cb7fd38_cab_1a46845b\Report.wer
- DNS ASK va####sspring.net
- DNS ASK re###nfound.net
- DNS ASK va####ssuccess.net
- DNS ASK re####spring.net
- DNS ASK va####sfound.net
- DNS ASK he###banker.net
- DNS ASK ge####success.net
- DNS ASK ge####banker.net
- DNS ASK dn#.##ftncsi.com
- ClassName: 'Shell_TrayWnd' WindowName: ''