Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'BranchCache Desktop UPnP Name' = 'C:\oabibbevqmaht\vrjbpvcqwiwk.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SSDP Spooler Transfer Class HomeGroup] 'ImagePath' = 'C:\oabibbevqmaht\vrjbpvcqwiwk.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SSDP Spooler Transfer Class HomeGroup] 'Start' = '00000002'
- 'C:\oabibbevqmaht\kisgzsqmk.exe' "c:\oabibbevqmaht\vrjbpvcqwiwk.exe"
- 'C:\oabibbevqmaht\vrjbpvcqwiwk.exe'
- 'C:\oabibbevqmaht\ebb3cmgbfisiy0ef1lb.exe'
- C:\oabibbevqmaht\vrjbpvcqwiwk.exe
- C:\oabibbevqmaht\kisgzsqmk.exe
- C:\oabibbevqmaht\ykwzek9bc3a
- %WINDIR%\oabibbevqmaht\q0stutb
- C:\oabibbevqmaht\q0stutb
- C:\oabibbevqmaht\ebb3cmgbfisiy0ef1lb.exe
- C:\oabibbevqmaht\kisgzsqmk.exe
- C:\oabibbevqmaht\vrjbpvcqwiwk.exe
- C:\oabibbevqmaht\ebb3cmgbfisiy0ef1lb.exe
- %WINDIR%\oabibbevqmaht\q0stutb
- %WINDIR%\oabibbevqmaht\q0stutb
- 'se####lpower.net':80
- 'ma####alpower.net':80
- 'ma####alfamous.net':80
- 'ma####alcentury.net':80
- 'se####lfamous.net':80
- http://se####lpower.net/index.php
- http://ma####alpower.net/index.php
- http://ma####alfamous.net/index.php
- http://ma####alcentury.net/index.php
- http://se####lfamous.net/index.php
- DNS ASK se####lpower.net
- DNS ASK ma####alpower.net
- DNS ASK ma####alfamous.net
- DNS ASK ma####alcentury.net
- DNS ASK se####lfamous.net
- ClassName: 'Shell_TrayWnd' WindowName: ''