Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Key Assistant Control User-mode' = 'C:\fbbadjln\xikxluyq.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Time User Isolation PC Debugger Resource] 'ImagePath' = 'C:\fbbadjln\xikxluyq.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Time User Isolation PC Debugger Resource] 'Start' = '00000002'
- 'C:\fbbadjln\ypgelzvpqw.exe' "c:\fbbadjln\xikxluyq.exe"
- 'C:\fbbadjln\xikxluyq.exe'
- 'C:\fbbadjln\ks4s8ivbzigodutzt.exe'
- C:\fbbadjln\xikxluyq.exe
- C:\fbbadjln\ypgelzvpqw.exe
- C:\fbbadjln\ks4s8ivbzigodutzt.exe
- %WINDIR%\fbbadjln\jrrucj0v
- C:\fbbadjln\jrrucj0v
- C:\fbbadjln\ypgelzvpqw.exe
- C:\fbbadjln\xikxluyq.exe
- C:\fbbadjln\ks4s8ivbzigodutzt.exe
- %WINDIR%\fbbadjln\jrrucj0v
- %WINDIR%\fbbadjln\jrrucj0v
- 'ei####dinner.net':80
- http://ei####dinner.net/index.php
- DNS ASK ei####circle.net
- DNS ASK en####hcircle.net
- DNS ASK ex###twheat.net
- DNS ASK en####hafraid.net
- DNS ASK ei####dinner.net
- DNS ASK en####hdinner.net
- DNS ASK ei####afraid.net
- ClassName: 'Shell_TrayWnd' WindowName: ''