Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Resolution Driver Source Connection' = 'C:\pduqdbjio\wajnbkifnl.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Parental DHCP DCOM Auto-Discovery] 'ImagePath' = 'C:\pduqdbjio\wajnbkifnl.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Parental DHCP DCOM Auto-Discovery] 'Start' = '00000002'
- 'C:\pduqdbjio\ltwjoamkjr.exe' "c:\pduqdbjio\wajnbkifnl.exe"
- 'C:\pduqdbjio\wajnbkifnl.exe'
- 'C:\pduqdbjio\pvc36totsvlndftlhwvc.exe'
- C:\pduqdbjio\wajnbkifnl.exe
- C:\pduqdbjio\ltwjoamkjr.exe
- C:\pduqdbjio\so8rjtbfa
- %WINDIR%\pduqdbjio\cxxnri
- C:\pduqdbjio\cxxnri
- C:\pduqdbjio\pvc36totsvlndftlhwvc.exe
- C:\pduqdbjio\ltwjoamkjr.exe
- C:\pduqdbjio\wajnbkifnl.exe
- C:\pduqdbjio\pvc36totsvlndftlhwvc.exe
- %WINDIR%\pduqdbjio\cxxnri
- %WINDIR%\pduqdbjio\cxxnri
- 'ef####except.net':80
- 'th####hexcept.net':80
- 'ef####bridge.net':80
- 'su####bicycle.net':80
- 'wi###nwhose.net':80
- 'su###rwhose.net':80
- http://ef####except.net/index.php
- http://th####hexcept.net/index.php
- http://ef####bridge.net/index.php
- http://su####bicycle.net/index.php
- http://wi###nwhose.net/index.php
- http://su###rwhose.net/index.php
- DNS ASK th####hexcept.net
- DNS ASK ef####bridge.net
- DNS ASK th####hbridge.net
- DNS ASK ef####except.net
- DNS ASK su####bicycle.net
- DNS ASK wi###nwhose.net
- DNS ASK su###rwhose.net
- ClassName: 'Shell_TrayWnd' WindowName: ''