Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Gateway AutoConnect IKE Multimedia Profile' = 'C:\ktrwrlvmp\ziuaegcixdd.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Link Modules Windows iSCSI Shell Defender] 'Start' = '00000002'
- 'C:\ktrwrlvmp\wyqbukuzd.exe' "c:\ktrwrlvmp\ziuaegcixdd.exe"
- 'C:\ktrwrlvmp\ziuaegcixdd.exe'
- 'C:\ktrwrlvmp\unqk2unbnhtonjo3gvu.exe'
- C:\ktrwrlvmp\ziuaegcixdd.exe
- C:\ktrwrlvmp\wyqbukuzd.exe
- C:\ktrwrlvmp\unqk2unbnhtonjo3gvu.exe
- %WINDIR%\ktrwrlvmp\shybuejf
- C:\ktrwrlvmp\shybuejf
- C:\ktrwrlvmp\wyqbukuzd.exe
- C:\ktrwrlvmp\ziuaegcixdd.exe
- C:\ktrwrlvmp\unqk2unbnhtonjo3gvu.exe
- %WINDIR%\ktrwrlvmp\shybuejf
- 'fo####become.net':80
- 'me####become.net':80
- 'me###rcover.net':80
- 'me####further.net':80
- 'fo###wcover.net':80
- 'fo####company.net':80
- 'be###cover.net':80
- 'kn###cover.net':80
- 'kn####urther.net':80
- 'me####company.net':80
- 'be####urther.net':80
- 'fo####further.net':80
- 'ge#####anfurther.net':80
- 'al####yfurther.net':80
- 'ex#####ncecompany.net':80
- 'ex#####ncebecome.net':80
- 'fr####ompany.net':80
- 'ge####mancover.net':80
- 'ge#####ancompany.net':80
- 'al####ycompany.net':80
- 'al####ybecome.net':80
- 'al####ycover.net':80
- 'ge####manbecome.net':80
- 'be###become.net':80
- 'th####tbecome.net':80
- 'wa###become.net':80
- 'wa###cover.net':80
- 'wa####urther.net':80
- 'th####tcover.net':80
- 'th####tcompany.net':80
- 'wo###cover.net':80
- 'sm###cover.net':80
- 'sm####urther.net':80
- 'wa####ompany.net':80
- 'wo####urther.net':80
- 'th####tfurther.net':80
- 'su####further.net':80
- 'cr####urther.net':80
- 'kn####ompany.net':80
- 'kn###become.net':80
- 'be####ompany.net':80
- 'su###rcover.net':80
- 'su####company.net':80
- 'cr####ompany.net':80
- 'cr###become.net':80
- 'cr###cover.net':80
- 'su####become.net':80
- 'cr###enough.net':80
- 'su####govern.net':80
- 'su####enough.net':80
- 'su####needle.net':80
- 'cr###needle.net':80
- 'cr###govern.net':80
- 'wa###needle.net':80
- 'th####tenough.net':80
- 'th####tneedle.net':80
- 'th####tnature.net':80
- 'wa###nature.net':80
- 'cr###nature.net':80
- 'kn###nature.net':80
- 'be###needle.net':80
- 'be###nature.net':80
- 'fo####govern.net':80
- 'me####govern.net':80
- 'kn###needle.net':80
- 'kn###govern.net':80
- 'su####nature.net':80
- 'be###govern.net':80
- 'be###enough.net':80
- 'kn###enough.net':80
- 'wa###enough.net':80
- 'fi###enough.net':80
- 'pa###govern.net':80
- 'pa###enough.net':80
- 'pa###needle.net':80
- 'fi###needle.net':80
- 'fi###govern.net':80
- 'ex####encecover.net':80
- 'fr###become.net':80
- 'fr###cover.net':80
- 'fr####urther.net':80
- 'ex#####ncefurther.net':80
- 'fi###nature.net':80
- 'sm###nature.net':80
- 'wo###needle.net':80
- 'wo###nature.net':80
- 'th####tgovern.net':80
- 'wa###govern.net':80
- 'sm###needle.net':80
- 'sm###govern.net':80
- 'pa###nature.net':80
- 'wo###govern.net':80
- 'wo###enough.net':80
- 'sm###enough.net':80
- http://fo####become.net/index.php
- http://me####become.net/index.php
- http://me###rcover.net/index.php
- http://me####further.net/index.php
- http://fo###wcover.net/index.php
- http://fo####company.net/index.php
- http://be###cover.net/index.php
- http://kn###cover.net/index.php
- http://kn####urther.net/index.php
- http://me####company.net/index.php
- http://be####urther.net/index.php
- http://fo####further.net/index.php
- http://ge#####anfurther.net/index.php
- http://al####yfurther.net/index.php
- http://ex#####ncecompany.net/index.php
- http://ex#####ncebecome.net/index.php
- http://fr####ompany.net/index.php
- http://ge####mancover.net/index.php
- http://ge#####ancompany.net/index.php
- http://al####ycompany.net/index.php
- http://al####ybecome.net/index.php
- http://al####ycover.net/index.php
- http://ge####manbecome.net/index.php
- http://be###become.net/index.php
- http://th####tbecome.net/index.php
- http://wa###become.net/index.php
- http://wa###cover.net/index.php
- http://wa####urther.net/index.php
- http://th####tcover.net/index.php
- http://th####tcompany.net/index.php
- http://wo###cover.net/index.php
- http://sm###cover.net/index.php
- http://sm####urther.net/index.php
- http://wa####ompany.net/index.php
- http://wo####urther.net/index.php
- http://th####tfurther.net/index.php
- http://su####further.net/index.php
- http://cr####urther.net/index.php
- http://kn####ompany.net/index.php
- http://kn###become.net/index.php
- http://be####ompany.net/index.php
- http://su###rcover.net/index.php
- http://su####company.net/index.php
- http://cr####ompany.net/index.php
- http://cr###become.net/index.php
- http://cr###cover.net/index.php
- http://su####become.net/index.php
- http://cr###enough.net/index.php
- http://su####govern.net/index.php
- http://su####enough.net/index.php
- http://su####needle.net/index.php
- http://cr###needle.net/index.php
- http://cr###govern.net/index.php
- http://wa###needle.net/index.php
- http://th####tenough.net/index.php
- http://th####tneedle.net/index.php
- http://th####tnature.net/index.php
- http://wa###nature.net/index.php
- http://cr###nature.net/index.php
- http://kn###nature.net/index.php
- http://be###needle.net/index.php
- http://be###nature.net/index.php
- http://fo####govern.net/index.php
- http://me####govern.net/index.php
- http://kn###needle.net/index.php
- http://kn###govern.net/index.php
- http://su####nature.net/index.php
- http://be###govern.net/index.php
- http://be###enough.net/index.php
- http://kn###enough.net/index.php
- http://wa###enough.net/index.php
- http://fi###enough.net/index.php
- http://pa###govern.net/index.php
- http://pa###enough.net/index.php
- http://pa###needle.net/index.php
- http://fi###needle.net/index.php
- http://fi###govern.net/index.php
- http://ex####encecover.net/index.php
- http://fr###become.net/index.php
- http://fr###cover.net/index.php
- http://fr####urther.net/index.php
- http://ex#####ncefurther.net/index.php
- http://fi###nature.net/index.php
- http://sm###nature.net/index.php
- http://wo###needle.net/index.php
- http://wo###nature.net/index.php
- http://th####tgovern.net/index.php
- http://wa###govern.net/index.php
- http://sm###needle.net/index.php
- http://sm###govern.net/index.php
- http://pa###nature.net/index.php
- http://wo###govern.net/index.php
- http://wo###enough.net/index.php
- http://sm###enough.net/index.php
- DNS ASK me####become.net
- DNS ASK fo####company.net
- DNS ASK fo####become.net
- DNS ASK fo###wcover.net
- DNS ASK me###rcover.net
- DNS ASK me####company.net
- DNS ASK kn###cover.net
- DNS ASK be###become.net
- DNS ASK be###cover.net
- DNS ASK be####urther.net
- DNS ASK kn####urther.net
- DNS ASK me####further.net
- DNS ASK al####yfurther.net
- DNS ASK ge####mancover.net
- DNS ASK ge#####anfurther.net
- DNS ASK fr####ompany.net
- DNS ASK ex#####ncecompany.net
- DNS ASK al####ycover.net
- DNS ASK al####ycompany.net
- DNS ASK fo####further.net
- DNS ASK ge#####ancompany.net
- DNS ASK ge####manbecome.net
- DNS ASK al####ybecome.net
- DNS ASK kn###become.net
- DNS ASK wa###become.net
- DNS ASK th####tcompany.net
- DNS ASK th####tbecome.net
- DNS ASK th####tcover.net
- DNS ASK wa###cover.net
- DNS ASK wa####ompany.net
- DNS ASK sm###cover.net
- DNS ASK wo###become.net
- DNS ASK wo###cover.net
- DNS ASK wo####urther.net
- DNS ASK sm####urther.net
- DNS ASK wa####urther.net
- DNS ASK cr####urther.net
- DNS ASK su###rcover.net
- DNS ASK su####further.net
- DNS ASK be####ompany.net
- DNS ASK kn####ompany.net
- DNS ASK cr###cover.net
- DNS ASK cr####ompany.net
- DNS ASK th####tfurther.net
- DNS ASK su####company.net
- DNS ASK su####become.net
- DNS ASK cr###become.net
- DNS ASK ex#####ncebecome.net
- DNS ASK cr###enough.net
- DNS ASK su####govern.net
- DNS ASK su####enough.net
- DNS ASK su####needle.net
- DNS ASK cr###needle.net
- DNS ASK cr###govern.net
- DNS ASK wa###needle.net
- DNS ASK th####tenough.net
- DNS ASK th####tneedle.net
- DNS ASK th####tnature.net
- DNS ASK wa###nature.net
- DNS ASK cr###nature.net
- DNS ASK kn###nature.net
- DNS ASK be###needle.net
- DNS ASK be###nature.net
- DNS ASK fo####govern.net
- DNS ASK me####govern.net
- DNS ASK kn###needle.net
- DNS ASK kn###govern.net
- DNS ASK su####nature.net
- DNS ASK be###govern.net
- DNS ASK be###enough.net
- DNS ASK kn###enough.net
- DNS ASK wa###enough.net
- DNS ASK fi###enough.net
- DNS ASK pa###govern.net
- DNS ASK pa###enough.net
- DNS ASK pa###needle.net
- DNS ASK fi###needle.net
- DNS ASK fi###govern.net
- DNS ASK ex####encecover.net
- DNS ASK fr###become.net
- DNS ASK fr###cover.net
- DNS ASK fr####urther.net
- DNS ASK ex#####ncefurther.net
- DNS ASK fi###nature.net
- DNS ASK sm###nature.net
- DNS ASK wo###needle.net
- DNS ASK wo###nature.net
- DNS ASK th####tgovern.net
- DNS ASK wa###govern.net
- DNS ASK sm###needle.net
- DNS ASK sm###govern.net
- DNS ASK pa###nature.net
- DNS ASK wo###govern.net
- DNS ASK wo###enough.net
- DNS ASK sm###enough.net
- ClassName: 'Shell_TrayWnd' WindowName: ''