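Техническая информация
Ниже перечислены записи реестра, пути к файлам и процессам и сетевые обращения; подписи разделов на странице не сохранились, поэтому по самому списку нельзя определить, был ли файл создан, удалён или перемещён. Символы «#» в именах узлов, по-видимому, скрывают часть имени, так что эти строки подходят для поиска по шаблону, но не для точного сопоставления.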
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'User-mode Group Configuration Audio WebClient' = 'C:\impxwaxgnf\vohycdvsevlk.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Layer Ordering Topology Base Error List] 'ImagePath' = 'C:\impxwaxgnf\vohycdvsevlk.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Layer Ordering Topology Base Error List] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- 'C:\impxwaxgnf\eerzxmsqhpud.exe' "c:\impxwaxgnf\vohycdvsevlk.exe"
- 'C:\impxwaxgnf\vohycdvsevlk.exe'
- 'C:\impxwaxgnf\ooahr2n5sdw8vkaxz8x9.exe'
- C:\impxwaxgnf\vohycdvsevlk.exe
- C:\impxwaxgnf\eerzxmsqhpud.exe
- C:\impxwaxgnf\rux9inaczy0
- %WINDIR%\impxwaxgnf\wbjuveh
- C:\impxwaxgnf\wbjuveh
- C:\impxwaxgnf\ooahr2n5sdw8vkaxz8x9.exe
- C:\impxwaxgnf\eerzxmsqhpud.exe
- C:\impxwaxgnf\vohycdvsevlk.exe
- C:\impxwaxgnf\ooahr2n5sdw8vkaxz8x9.exe
- %WINDIR%\impxwaxgnf\wbjuveh
- %WINDIR%\impxwaxgnf\wbjuveh
- 'ma####alinside.net':80
- 'se###aready.net':80
- 'se####linside.net':80
- 'se####lbright.net':80
- 'ma####albright.net':80
- http://ma####alinside.net/index.php
- http://se###aready.net/index.php
- http://se####linside.net/index.php
- http://se####lbright.net/index.php
- http://ma####albright.net/index.php
- DNS ASK ma####alinside.net
- DNS ASK se###aready.net
- DNS ASK la###ready.net
- DNS ASK se####lbright.net
- DNS ASK ma####albright.net
- DNS ASK se####linside.net
- ClassName: 'Shell_TrayWnd' WindowName: ''