Техническая информация
Автозапуск — записи в реестре (ключ Run и параметры службы Windows):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Gateway Framework Information Log Foundation' = 'C:\iqvgdulk\nokyioxrii.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Collector Studio Device Resolution Biometric] 'ImagePath' = 'C:\iqvgdulk\nokyioxrii.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Collector Studio Device Resolution Biometric] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- 'C:\iqvgdulk\dhmugghtulao.exe' "c:\iqvgdulk\nokyioxrii.exe"
- 'C:\iqvgdulk\nokyioxrii.exe'
- 'C:\iqvgdulk\bxvuf4pxmmavl14xfbp.exe'
- C:\iqvgdulk\nokyioxrii.exe
- C:\iqvgdulk\dhmugghtulao.exe
- C:\iqvgdulk\bxvuf4pxmmavl14xfbp.exe
- %WINDIR%\iqvgdulk\rckkbqynaoa
- C:\iqvgdulk\rckkbqynaoa
- C:\iqvgdulk\dhmugghtulao.exe
- C:\iqvgdulk\nokyioxrii.exe
- C:\iqvgdulk\bxvuf4pxmmavl14xfbp.exe
- %WINDIR%\iqvgdulk\rckkbqynaoa
- %WINDIR%\iqvgdulk\rckkbqynaoa
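Сетевые подключения (хост:порт). Символы «#» в именах доменов здесь и ниже, по-видимому, скрывают часть имени в отчёте, поэтому в таком виде эти строки не годятся для точного сопоставления с журналами или списками блокировки:
- 'mo#####ttherefore.net':80
- 'ou####equestion.net':80
- 'mo####ntschool.net':80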
- http://mo#####ttherefore.net/index.php
- http://ou####equestion.net/index.php
- http://mo####ntschool.net/index.php
- DNS ASK ou####equestion.net
- DNS ASK mo#####tquestion.net
- DNS ASK ou#####therefore.net
- DNS ASK mo#####ttherefore.net
- DNS ASK ou####eschool.net
- DNS ASK mo####ntschool.net
- DNS ASK ou####ewhile.net
- DNS ASK mo####ntwhile.net
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)