Техническая информация
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\Run] 'NGEN iSCSI Block Fax Mapper Key' = 'C:\dmlzysi\ulicmdvpzq.exe'
- [<HKLM>\System\CurrentControlSet\Services\Adaptive Control Window] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Adaptive Control Window] 'ImagePath' = 'C:\dmlzysi\ulicmdvpzq.exe'
- %WINDIR%\dmlzysi\ayfhcpzabzx
- C:\dmlzysi\ayfhcpzabzx
- C:\dmlzysi\th6cmsmsljaiiqwznj1twm.exe
- C:\dmlzysi\ulicmdvpzq.exe
- C:\dmlzysi\ddwscgmszpbbe.exe
- C:\dmlzysi\mntgjdl
- C:\dmlzysi\ulicmdvpzq.exe
- C:\dmlzysi\ddwscgmszpbbe.exe
- %WINDIR%\dmlzysi\ayfhcpzabzx
- C:\dmlzysi\th6cmsmsljaiiqwznj1twm.exe
- %WINDIR%\dmlzysi\ayfhcpzabzx
- DNS ASK sc####ainbow.net
- DNS ASK ta#####pielenreiten.org
- DNS ASK do##bate.cn
- DNS ASK cl####portsmen.com
- DNS ASK ag#####anabolics.com
- DNS ASK gr###factory.cn
- 'C:\dmlzysi\th6cmsmsljaiiqwznj1twm.exe'
- 'C:\dmlzysi\ulicmdvpzq.exe'
- 'C:\dmlzysi\ddwscgmszpbbe.exe' "c:\dmlzysi\ulicmdvpzq.exe"