Техническая информация
Для обеспечения автозапуска и распространения:
Модифицирует следующие ключи реестра:
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = 'aNIoBJvwS.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'LoadAppInit_DLLs' = '00000001'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = '<Полный путь к вирусу>'
Вредоносные функции:
Для затруднения выявления своего присутствия в системе
блокирует:
- Средство контроля пользовательских учетных записей (UAC)
Изменения в файловой системе:
Создает следующие файлы:
- <SYSTEM32>\ouwKnp.exe
- <DRIVERS>\PbduYffI.dll
- <DRIVERS>\GGXxgUKCV.exe
- <SYSTEM32>\iyugjQGW.dll
- %WINDIR%\jWoupMdo.exe
- <DRIVERS>\ILfonIg.dll
- <SYSTEM32>\tbqutQJT.dll
- <SYSTEM32>\VlvHExj.exe
- %WINDIR%\XKnqmM.exe
- <SYSTEM32>\hYHJsqADr.dll
- %WINDIR%\ANFxAg.dll
- <DRIVERS>\DoAykGmYV.exe
- <SYSTEM32>\qmmmtw.dll
- <SYSTEM32>\vEfYn.exe
- <SYSTEM32>\yjhpkEYv.exe
- %WINDIR%\ySpsl.exe
- %WINDIR%\yluPsyWr.exe
- <SYSTEM32>\NEWAdQtB.dll
- %WINDIR%\xPfHIXiPP.dll
- %WINDIR%\FcAVSY.dll
- <SYSTEM32>\QqJrTHRrt.exe
- <SYSTEM32>\BUlJOWJW.exe
- <DRIVERS>\jIgdubkv.dll
- <SYSTEM32>\feoYwDR.dll
- %WINDIR%\tKeRmt.exe
- <SYSTEM32>\YNdrClWQ.dll
- %WINDIR%\esujYoyNk.dll
- <SYSTEM32>\tWoWxB.dll
- <DRIVERS>\DForyyMW.dll
- <SYSTEM32>\yUtHFDkVu.dll
- %WINDIR%\BuFvR.exe
- <DRIVERS>\vowiltoa.dll
- <DRIVERS>\wDbsguD.exe
- %WINDIR%\DpDluoT.exe
- <DRIVERS>\KXsdxioHE.dll
- <SYSTEM32>\ykTlEjw.exe
- <SYSTEM32>\MGLUfVojy.exe
- %WINDIR%\Vfaevl.exe
- <SYSTEM32>\obhwaie.exe
- <DRIVERS>\yfviXJ.dll
- <SYSTEM32>\gLCMoMvjf.exe
- %WINDIR%\bymek.dll
- %WINDIR%\HlPXxUqNi.exe
- <SYSTEM32>\BbabeH.dll
- %WINDIR%\lKXePMv.exe
- <SYSTEM32>\jBmfQh.exe
- %WINDIR%\TLRiG.exe
- <DRIVERS>\KswtOr.exe
- %WINDIR%\wNxwG.exe
- <SYSTEM32>\NxPVIWJJk.dll
- %WINDIR%\tHqfSw.exe
- <DRIVERS>\OKERT.dll
- %WINDIR%\PoMIh.dll
- <SYSTEM32>\IqghOLO.dll
- %WINDIR%\UIvYUmLjL.dll
- <DRIVERS>\JWGFSaa.dll
- %WINDIR%\XrxehGR.dll
- <DRIVERS>\limcV.exe
- %WINDIR%\avEjKKdDM.exe
- %WINDIR%\jYYaGs.dll
- %WINDIR%\BDJWnLdlR.dll
- <SYSTEM32>\xEuIGBL.exe
- <SYSTEM32>\JkJAR.dll
- %WINDIR%\faUROymPX.exe
- %WINDIR%\LGFla.dll
- <DRIVERS>\twvQPWOi.dll
- %WINDIR%\kRiNgUaCy.dll
- %WINDIR%\cSDiIFiN.exe
- <DRIVERS>\XEPROS.exe
- <SYSTEM32>\bueBqeju.exe
- <DRIVERS>\QQsHPekt.exe
- %WINDIR%\bNmRvb.dll
- <DRIVERS>\uyNuCRKoq.exe
- <SYSTEM32>\BpcMPiky.dll
- %WINDIR%\eTAOQJ.dll
- <SYSTEM32>\rKimC.exe
- <SYSTEM32>\rCwGymdmw.dll
- <SYSTEM32>\smYwjHdt.exe
- <DRIVERS>\POdSML.dll
- %WINDIR%\NvQaxyd.dll
- %WINDIR%\UFDmP.exe
- <SYSTEM32>\FBhJX.exe
- <DRIVERS>\rgjbdIqwd.exe
- <SYSTEM32>\UOlNrYv.dll
- %WINDIR%\YLVVQMVJN.exe
- <DRIVERS>\fQIlj.exe
- <DRIVERS>\yeeRxpWj.exe
- <DRIVERS>\PxLnPWR.dll
- %WINDIR%\dbeoKXi.exe
- %WINDIR%\qufXaq.exe
- %WINDIR%\KGeWxlXJC.dll
- <DRIVERS>\KqJhfefxW.exe
- %WINDIR%\ugrnfl.exe
- %WINDIR%\piejHh.dll
- <SYSTEM32>\JGMlxqhmp.exe
- <DRIVERS>\KSUINau.exe
- <DRIVERS>\JuYRbSxp.dll
- %WINDIR%\FHerGIVJ.dll
- <SYSTEM32>\MQnTM.exe
- <DRIVERS>\AvNqkRScp.exe
- %WINDIR%\XTBTp.dll
- <SYSTEM32>\cUcEDQcRR.dll
- %WINDIR%\RddpiGPfJ.exe
- <SYSTEM32>\tNVeSBbI.exe
- %WINDIR%\qImQD.dll
- <DRIVERS>\fovHirns.dll
- <DRIVERS>\FvjuB.dll
- %WINDIR%\SxGvQ.exe
- <DRIVERS>\Sopekco.dll
- <SYSTEM32>\JhMBl.dll
- <DRIVERS>\tHSamnP.dll
- %WINDIR%\neBnIgdWt.exe
- <SYSTEM32>\QIqsntJiq.exe
- %WINDIR%\jFimpNqq.dll
- %WINDIR%\rqlMiHGHT.dll
- <DRIVERS>\BrOWv.exe
- <DRIVERS>\GktKlfy.dll
- %WINDIR%\sTwIuVbTe.exe
- <DRIVERS>\YXynBDIb.dll
- <SYSTEM32>\Dhhma.dll
- <SYSTEM32>\unFyVPvwR.dll
- <DRIVERS>\qwNThUNQf.exe
- <DRIVERS>\ppfmPt.exe
- <DRIVERS>\ScWRaVj.exe
- %WINDIR%\QhMXK.exe
- <SYSTEM32>\lKWpU.dll
- <SYSTEM32>\sLyITct.dll
- %WINDIR%\oOHYwok.dll
- <DRIVERS>\oxuTCE.dll
- <SYSTEM32>\CarSM.exe
- %WINDIR%\OjptpWrq.exe
- <DRIVERS>\hUQBPs.dll
- %WINDIR%\EKWikY.exe
- <SYSTEM32>\mBKnYm.dll
- <SYSTEM32>\MwRNIRBMi.dll
- %WINDIR%\LqWIGWdD.dll
- %WINDIR%\PQJooUh.exe
- <SYSTEM32>\AxTtSJjao.dll
- %WINDIR%\FtgPfmnrx.dll
- <DRIVERS>\MSGcgnJVX.exe
- %WINDIR%\gmjKaOa.dll
- <DRIVERS>\EVMafeNxK.exe
- <SYSTEM32>\lElMQ.dll
- %WINDIR%\oUPFekW.exe
- <SYSTEM32>\whtUCrIec.dll
- %WINDIR%\nfOscL.dll
- <DRIVERS>\RuwAeWy.exe
- <SYSTEM32>\sKtip.exe
- <SYSTEM32>\yohBLwyS.exe
- <SYSTEM32>\wQjlSCud.exe
- %WINDIR%\oMHxb.dll
- <SYSTEM32>\WXFdNItWy.dll
- <SYSTEM32>\qDrIcI.dll
- %WINDIR%\Yyayu.dll
- %WINDIR%\vrusVUS.dll
- %WINDIR%\YpirWQ.exe
- %WINDIR%\kpyMOBTu.dll
- <SYSTEM32>\HtJsc.dll
- %WINDIR%\mvwNknAY.exe
- %WINDIR%\mLIcfn.dll
- %WINDIR%\mJjjCHnFk.exe
- %WINDIR%\RUUDlHqjp.exe
- %WINDIR%\eHRoq.dll
- <DRIVERS>\VrvKPWoC.exe
- <DRIVERS>\FUPTVeH.exe
- <DRIVERS>\emuTMC.dll
- <SYSTEM32>\HfukwKMEV.exe
- <SYSTEM32>\YEpxdeI.exe
- <SYSTEM32>\GAxdqhou.exe
- %WINDIR%\CqYfpHk.dll
- <DRIVERS>\wDucHP.exe
- <SYSTEM32>\jPMJmlSp.dll
- <DRIVERS>\ECiSqKlXF.dll
- <SYSTEM32>\hLrWT.exe
- %WINDIR%\LLJAY.exe
- <SYSTEM32>\oyfBARu.exe
- <DRIVERS>\AptEKt.exe
- %WINDIR%\hSjduHX.exe
- %WINDIR%\OpkHRcCdQ.exe
- <SYSTEM32>\bCdgE.dll
- <DRIVERS>\fjLSDPGr.dll
- <DRIVERS>\bOWcLXWf.exe
- <SYSTEM32>\Mrwbow.exe
- <SYSTEM32>\SqwMGy.exe
- <DRIVERS>\sKqIi.exe
- %WINDIR%\AHgrbkJov.exe
- <SYSTEM32>\QvWWj.exe
- <SYSTEM32>\QFQsPknl.dll
- %WINDIR%\NWCwRYS.dll
- <SYSTEM32>\SyLcsbQr.dll
- %WINDIR%\KcUytEp.dll
- %WINDIR%\kHHgDjT.exe
- <DRIVERS>\smJmADvcg.exe
- %WINDIR%\umfvTri.exe
- <DRIVERS>\riDkepH.dll
- <DRIVERS>\XeLVHxP.dll
- <SYSTEM32>\MkSCo.exe
- <DRIVERS>\jnIPlcRG.exe
- <SYSTEM32>\NJpUD.exe
- %WINDIR%\SWmoLAc.exe
- <DRIVERS>\lmoErQq.dll
- <SYSTEM32>\nkGlJjVU.dll
- <SYSTEM32>\mdQCtdWoP.dll
- %WINDIR%\jGggKg.dll
- <DRIVERS>\wNMmiPQA.dll
- <SYSTEM32>\dmoElaywi.dll
- <DRIVERS>\YwJKdUM.exe
- <SYSTEM32>\SIBShE.exe
- <DRIVERS>\ysSdgN.dll
- %WINDIR%\kiRUaRAbE.exe
- <SYSTEM32>\cqJngsRQ.exe
- <SYSTEM32>\fWksPly.dll
- <DRIVERS>\fvTbS.exe
- <SYSTEM32>\tCAgXB.dll
- <SYSTEM32>\cFOKR.dll
- <DRIVERS>\fYciXxNpd.exe
- <DRIVERS>\dIwkqtcjr.dll
- %WINDIR%\JYHBNNF.dll
- <SYSTEM32>\DfHmY.dll
- <SYSTEM32>\AEAUXElc.dll
- <DRIVERS>\xRCoWf.exe
- <SYSTEM32>\oHQsRyFk.dll
- <DRIVERS>\wCoQKEM.dll
- %WINDIR%\YvgdVg.exe
- <DRIVERS>\YUQFJIpxx.exe
- %WINDIR%\oQGqMMVS.exe
- <DRIVERS>\hcVMKo.dll
- %WINDIR%\cDSkbwc.dll
- <DRIVERS>\SbwsJnFr.exe
- <DRIVERS>\SarIdOp.exe
- <SYSTEM32>\pckaOyD.dll
- <DRIVERS>\KNBGuYQ.exe
- <DRIVERS>\RmaxtrfkR.dll
- <DRIVERS>\jfLwpLuNJ.exe
- <SYSTEM32>\rgPSrwls.dll
- %WINDIR%\fbSFDlO.dll
- <SYSTEM32>\RYarEm.dll
- <DRIVERS>\dTjSx.exe
- %WINDIR%\ULLmKBF.exe
- %WINDIR%\xISxlg.dll
- <SYSTEM32>\knQVVtu.dll
- <DRIVERS>\CuCwsgvIr.exe
- <SYSTEM32>\erpYiNym.dll
- <SYSTEM32>\bcubYrvVE.exe
- <SYSTEM32>\gtfJtbRRL.dll
- <DRIVERS>\vFYnAvIk.dll
- <SYSTEM32>\BfSrcKrO.dll
- <SYSTEM32>\VYGWG.dll
- %WINDIR%\jDOvhHy.dll
- %WINDIR%\IjRtGb.dll
- <SYSTEM32>\QggQrRDI.exe
- %WINDIR%\Owvoc.exe
- <DRIVERS>\WgdBjSp.exe
- %WINDIR%\mswyhxE.dll
- %WINDIR%\NleVxlpoy.dll
- <DRIVERS>\gRdijW.exe
- %WINDIR%\fbeajbvC.exe
- %WINDIR%\OhPQbAmh.dll
- <DRIVERS>\gyHBK.exe
- <SYSTEM32>\kSsyQtsxT.exe
- %WINDIR%\mbdUYLcv.exe
- <SYSTEM32>\vPHrXv.dll
- <DRIVERS>\mfvBA.dll
- %WINDIR%\edbjMppKh.dll
- <DRIVERS>\RNVuh.exe
- <SYSTEM32>\TVELRyP.exe
- <DRIVERS>\TEyXp.exe
- <DRIVERS>\AhOHHMk.dll
- <DRIVERS>\RJffssi.dll
- <DRIVERS>\Sqvkhq.dll
- <SYSTEM32>\FBpms.exe
- %WINDIR%\CADrwHwo.dll
- <SYSTEM32>\lcRLjXvQU.dll
- <DRIVERS>\LFBHoQj.exe
- <SYSTEM32>\uOphGvKoa.dll
- %WINDIR%\lxsCIs.dll
- <DRIVERS>\QybXu.exe
- %WINDIR%\JgaJIQMI.exe
- <SYSTEM32>\QHSFJs.exe
- <DRIVERS>\lFBacw.exe
- <DRIVERS>\OfkTgTQV.dll
- %WINDIR%\mskuPEV.exe
- <SYSTEM32>\vrIuQAxul.exe
- <DRIVERS>\MbHHBcSB.exe
- <DRIVERS>\ilLqTxt.dll
- %WINDIR%\pKNGSsb.exe
- <SYSTEM32>\vxcigD.dll
- <DRIVERS>\snOHsbD.dll
- <SYSTEM32>\WtdWQOY.exe
- <DRIVERS>\GuOyuJQ.exe
- <SYSTEM32>\ERptbIck.dll
- <DRIVERS>\DeFRQdu.dll
- <SYSTEM32>\RgpDBa.dll
- <SYSTEM32>\FDRAKWW.exe
- %WINDIR%\IopItad.exe
- %WINDIR%\WmKoAsp.dll
- <SYSTEM32>\GeASri.dll
- %WINDIR%\IomiR.exe
- %WINDIR%\XKRwBIFT.dll
- %WINDIR%\xoMCwGYW.dll
- <DRIVERS>\bAesCk.exe
- <SYSTEM32>\GMMRnmor.dll
- <DRIVERS>\VVgkqE.exe
- <DRIVERS>\TMwHBM.exe
- <SYSTEM32>\LHkPRCQIb.exe
- %WINDIR%\CiTht.exe
- %WINDIR%\bWfnxP.dll
- <SYSTEM32>\BdSUgytRM.dll
- %WINDIR%\VKfRyHLpR.exe
- <DRIVERS>\pxDpD.exe
- <SYSTEM32>\BQrOLJA.exe
- <DRIVERS>\rgYODRdeV.dll
- <SYSTEM32>\jXEHIFA.exe
- <SYSTEM32>\srYsJCv.exe
- <SYSTEM32>\ISgkmBqw.dll
- %WINDIR%\TtySOafv.exe
- <SYSTEM32>\WKcIRfeD.dll
- %WINDIR%\NgAht.exe
- %WINDIR%\HbkuftuGL.exe
- %WINDIR%\fsYShKGou.dll
- <DRIVERS>\vkJAsxe.dll
- <SYSTEM32>\LjVqqw.exe
- <DRIVERS>\hCXSFNKfF.dll
- <SYSTEM32>\tAySeJSq.exe
- <SYSTEM32>\FrPNmoFc.exe
- <SYSTEM32>\rOFNAKEo.dll
- <SYSTEM32>\ctQVKHQ.exe
- <DRIVERS>\uLOjU.exe
- <SYSTEM32>\VTcJX.exe
- %WINDIR%\FVkTR.dll
- <SYSTEM32>\Skvec.exe
- %WINDIR%\hoPtH.dll
- <DRIVERS>\QylXBHAWi.dll
- <DRIVERS>\JYdrV.dll
- <DRIVERS>\DnYoh.dll
- %WINDIR%\IjPWfhmkS.exe
- %WINDIR%\ErjsBqvDB.exe
- <DRIVERS>\lBgvAKfK.exe
- <DRIVERS>\QFgRvPuu.exe
- <DRIVERS>\FTFnkCk.exe
- <DRIVERS>\BfJIA.exe
- <DRIVERS>\uXWPOvAf.exe
- <SYSTEM32>\dEdQcS.dll
- <SYSTEM32>\sDqoPGKIc.dll
- <DRIVERS>\WcekDMbr.dll
- <SYSTEM32>\TeSih.exe
- %WINDIR%\IWceG.exe
- %WINDIR%\rLauNDw.exe
- <DRIVERS>\sNfDLq.dll
- %WINDIR%\tARPVKbut.dll
- %WINDIR%\gWTWqKj.exe
- <SYSTEM32>\jVEGw.dll
- %WINDIR%\VfntWwo.dll
- %WINDIR%\LFbbOWs.dll
- <DRIVERS>\hWerxMTW.dll
- <SYSTEM32>\EeQUmFDiH.exe
- %WINDIR%\euIgta.exe
- %WINDIR%\xKiRyMu.exe
- %WINDIR%\TvHGaFVii.exe
- <SYSTEM32>\LWDtn.dll
- %WINDIR%\RqFssI.exe
- <DRIVERS>\wRsyHjEL.dll
- <SYSTEM32>\CoXAEEh.exe
- %WINDIR%\MOXPQ.exe
- <DRIVERS>\bbQWCBG.dll
- <DRIVERS>\IBTOxr.dll
- <SYSTEM32>\wthheSr.exe
- <DRIVERS>\MnyNGaF.dll
- <DRIVERS>\IbQFcJsD.dll
- <SYSTEM32>\xdxSb.dll
- <SYSTEM32>\RVEQFhxH.exe
- <DRIVERS>\BxoKMFGp.dll
- <SYSTEM32>\sYNOhkuWR.exe
- <SYSTEM32>\vCtVXF.exe
- <SYSTEM32>\OlBcjvLEv.exe
- <SYSTEM32>\tNaRw.dll
- <DRIVERS>\sPtmjtwB.dll
- %WINDIR%\rxxCEXDC.dll
- <SYSTEM32>\wHXsJ.dll
- <SYSTEM32>\urwAQJwKU.dll
- <DRIVERS>\AuRaKTF.dll
- %WINDIR%\PkdDRe.exe
- %WINDIR%\JGrWaG.dll
- <SYSTEM32>\BLBuJgxgf.dll
- <DRIVERS>\LRRhix.exe
- <SYSTEM32>\QfRrNIVf.dll
- %WINDIR%\QGDaCiwto.exe
- <SYSTEM32>\nhHHSNTLj.exe
- <SYSTEM32>\OLMvx.dll
- <DRIVERS>\qbSxn.dll
- <DRIVERS>\SIYSAABW.exe
- %WINDIR%\CTfOOd.dll
- %WINDIR%\CoGLLjPsq.dll
- <DRIVERS>\tqgBa.dll
- <SYSTEM32>\rGHPRS.dll
- <DRIVERS>\XRsEkw.exe
- <DRIVERS>\YMBTOJC.dll
- <DRIVERS>\HDejjOOLG.exe
- %WINDIR%\RFCWRvfc.exe
- %WINDIR%\bVEcu.dll
- %WINDIR%\IAnXbyQv.dll
- %WINDIR%\pYGRVfbmJ.exe
- <SYSTEM32>\aGEeX.dll
- %WINDIR%\cKqmVi.exe
- <SYSTEM32>\tyunDn.exe
- <SYSTEM32>\kJKqC.exe
- %WINDIR%\VnRBTUB.dll
- %WINDIR%\hMvjO.exe
- %WINDIR%\gRtkjx.exe
- <SYSTEM32>\VLsiadFKc.dll
- <SYSTEM32>\VWidhvAiB.dll
- <SYSTEM32>\EAeBmARAq.exe
- <SYSTEM32>\RimiqIYc.dll
- %WINDIR%\jQwWd.dll
- <SYSTEM32>\jyiWtTL.dll
- %WINDIR%\XEVEWww.exe
- <DRIVERS>\BWnnfKg.dll
- <SYSTEM32>\GfrOtKV.exe
- <SYSTEM32>\pJNLA.dll
- %WINDIR%\yHhgp.dll
- %WINDIR%\GdWufXdpb.exe
- %WINDIR%\DxGWgByR.dll
- <DRIVERS>\XfXHYTw.dll
- <DRIVERS>\TGwAxu.dll
- <SYSTEM32>\shvweVI.exe
- <DRIVERS>\cvIVU.dll
- <SYSTEM32>\yJpKxryMS.exe
- %WINDIR%\cIJMN.exe
- %WINDIR%\JpsKLDnkJ.dll
- %WINDIR%\bbCTOcbB.dll
- <SYSTEM32>\DtsRtNCmg.exe
- <SYSTEM32>\xnjyXwE.exe
- <SYSTEM32>\kSpxunL.exe
- <DRIVERS>\HKuEgJSH.exe
- %WINDIR%\GYjlFpABI.exe
- <SYSTEM32>\GlmoInbkW.exe
- <DRIVERS>\vDwaHCCF.exe
- %WINDIR%\bqikXGeML.exe
- <SYSTEM32>\OLMFJPLe.dll
- <SYSTEM32>\ypsbyjX.exe
- <SYSTEM32>\BAEyHP.dll
- <DRIVERS>\XCJFxBvh.dll
- <DRIVERS>\UtpsYsIhm.exe
- %WINDIR%\hgiTxrLye.dll
- <DRIVERS>\GVhjMxSbC.dll
- <DRIVERS>\EbcqrHSNp.dll
- %WINDIR%\SmqraCsTw.dll
- <SYSTEM32>\LxerVA.exe
- %WINDIR%\TyhOe.exe
- %WINDIR%\LactSNgj.exe
- <DRIVERS>\JlQLjlOg.dll
- <DRIVERS>\nctSAqoHo.dll
- <DRIVERS>\LcJOI.exe
- <DRIVERS>\PRIiC.exe
- <DRIVERS>\cohlkmrq.exe
- <DRIVERS>\raPoUuqG.exe
- <SYSTEM32>\DLNATH.exe
- <SYSTEM32>\GCPvf.exe
- <DRIVERS>\XrNhI.exe
- <DRIVERS>\keVUofINN.dll
- <DRIVERS>\EdMGUkC.exe
- %WINDIR%\eBQlr.exe
- <DRIVERS>\igmmOYpC.exe
- <DRIVERS>\ihUQvl.dll
- <DRIVERS>\FyTQtWlYd.exe
- <DRIVERS>\KAIKwhG.exe
- <SYSTEM32>\aNIoBJvwS.dll
- %TEMP%\HTMLayout.dll
- <SYSTEM32>\TidqiXGJ.exe
- %WINDIR%\fvqEN.exe
- <SYSTEM32>\MRgkqw.exe
- <SYSTEM32>\vIvHc.dll
- <DRIVERS>\homtP.exe
- %WINDIR%\VjaIK.exe
- %WINDIR%\BlSIBoVR.exe
- <SYSTEM32>\HHwgvxYC.dll
- <SYSTEM32>\FxWdXCPw.dll
- <SYSTEM32>\cwhuYDr.dll
- <DRIVERS>\atdtX.dll
- %WINDIR%\CiEWxxkP.exe
- <DRIVERS>\DFlROH.exe
- %WINDIR%\cQIcUOa.dll
- <SYSTEM32>\bHbnjcnr.exe
- <SYSTEM32>\YvDuhjJc.dll
- %WINDIR%\gsFTkf.dll
- <DRIVERS>\noxFaeBeT.dll
- <DRIVERS>\lIGugHT.dll
- <DRIVERS>\EnmMH.dll
- <DRIVERS>\OWdDiiQj.exe
- <SYSTEM32>\BOAqJWwoE.dll
- %WINDIR%\hWJxX.exe
- %WINDIR%\heTyESDkN.exe
- <SYSTEM32>\XVpLDJaMQ.exe
- %WINDIR%\WdHnhneJ.dll
- %WINDIR%\ynrePJ.exe
- <DRIVERS>\EbkpfjeLQ.dll
- <DRIVERS>\agLPWHS.exe
- <DRIVERS>\MMEyrCv.exe
- %WINDIR%\mNPqW.dll
- <SYSTEM32>\psyir.exe
- <SYSTEM32>\mYQaifrV.exe
- <SYSTEM32>\wLEsw.exe
- <SYSTEM32>\bYAHsttex.dll
- <SYSTEM32>\MKKelpJmc.dll
- <DRIVERS>\THGhGcOpC.dll
- <SYSTEM32>\kdjQHQU.exe
- %WINDIR%\LGQIdBnJy.exe
- <SYSTEM32>\sVCAmBMkD.exe
- <DRIVERS>\TVhheAm.exe
- <DRIVERS>\quAVLhy.dll
- <DRIVERS>\ToYdD.dll
- %WINDIR%\uDYHl.exe
- %WINDIR%\GqHObk.exe
- <DRIVERS>\VsvEs.exe
- <SYSTEM32>\kfqFeja.exe
- <DRIVERS>\EsHcEkjI.dll
- <DRIVERS>\lnEiHJP.exe
- <DRIVERS>\ytmuLwTE.dll
- %WINDIR%\FWlXJ.dll
- <DRIVERS>\vOmTL.exe
- <SYSTEM32>\kdJjl.exe
- %WINDIR%\SmidIKijw.dll
- %WINDIR%\mtefYHmC.exe
- <DRIVERS>\cDWRM.exe
- <SYSTEM32>\sQMWWKVMu.dll
- <SYSTEM32>\LxNJRhrC.dll
- <DRIVERS>\MfmUfcOk.dll
- %WINDIR%\XYGXSl.exe
- <DRIVERS>\GoUBJPm.exe
- <DRIVERS>\peYypTiu.exe
- <SYSTEM32>\Wiaaj.dll
- %WINDIR%\ajLcR.exe
- <DRIVERS>\hLsfTc.dll
- %WINDIR%\Euxyb.dll
- <SYSTEM32>\dpGjtG.dll
- %WINDIR%\IBVbN.exe
- <DRIVERS>\NrGqO.exe
- <SYSTEM32>\PUitoHW.exe
- %WINDIR%\ODhtqUpBF.exe
- %WINDIR%\MKJSOCKq.dll
- <SYSTEM32>\gIXmavlrh.dll
- <DRIVERS>\YKUhRqL.exe
- <DRIVERS>\PQfqsMXSa.exe
- %WINDIR%\FQcQru.dll
- %WINDIR%\YgpFiu.dll
- <DRIVERS>\LYplPv.exe
- %WINDIR%\DkoyKURaW.dll
- <DRIVERS>\GtbOsxLv.exe
- <SYSTEM32>\CcpdSK.dll
- %WINDIR%\GLJTx.dll
- <SYSTEM32>\DPywIlk.exe
- %WINDIR%\beHxtmO.exe
- <DRIVERS>\HIxrQhf.dll
- <DRIVERS>\dtBsMDQ.exe
- <SYSTEM32>\KWlrNNwg.exe
- %WINDIR%\XYNbmJRN.dll
- <DRIVERS>\cGSVvA.dll
- <DRIVERS>\HKGcwRddx.exe
- <SYSTEM32>\qoAxyL.exe
- %WINDIR%\rdebSSiCu.dll
- %WINDIR%\dELdtISV.dll
- <SYSTEM32>\cyoxNKFsJ.exe
- <DRIVERS>\twnLoxU.exe
- %WINDIR%\QXgeilt.exe
- <SYSTEM32>\pbWKQdT.dll
- <SYSTEM32>\HBreimpaX.dll
- %WINDIR%\sMVNI.dll
- <SYSTEM32>\oYcUcX.dll
- %WINDIR%\UsGSamE.dll
- %WINDIR%\lJNqQ.exe
- <DRIVERS>\JdAdBu.exe
- %WINDIR%\UUnFWCup.exe
- <SYSTEM32>\ERKAIupN.exe
- %WINDIR%\ajFRq.exe
- %WINDIR%\tQNtOart.dll
- <DRIVERS>\MPtYkYH.dll
- %WINDIR%\SQjrHJRnW.exe
- %WINDIR%\NBuAk.dll
- <SYSTEM32>\aOQtpx.exe
- <SYSTEM32>\GrqymAoSf.dll
- <SYSTEM32>\mdrUu.dll
- %WINDIR%\NEFiTe.dll
- <SYSTEM32>\wfuXMUb.dll
- <SYSTEM32>\jlmhFB.exe
- <DRIVERS>\bwWSbfTU.dll
- <DRIVERS>\AqLAgW.exe
- <SYSTEM32>\JPParrBXP.dll
- <DRIVERS>\uOBQvbIs.dll
- %WINDIR%\OLASOvGMV.exe
- %WINDIR%\CeAxrVstd.exe
- <DRIVERS>\lLyiJDQc.exe
- %WINDIR%\CwCWuOMa.dll
- <DRIVERS>\MaSOBl.exe
- <DRIVERS>\keokC.dll
- <SYSTEM32>\DUiMigCLa.dll
- <SYSTEM32>\CwodAl.exe
- <SYSTEM32>\CycCb.exe
- %WINDIR%\jhodtUS.dll
- <SYSTEM32>\NIfGC.dll
- <SYSTEM32>\SlbjjU.dll
- <DRIVERS>\oOGqD.dll
- %WINDIR%\LGiUIan.exe
- <SYSTEM32>\ltElYOxer.exe
- %WINDIR%\OCwuYs.exe
- %WINDIR%\seyoG.exe
- <DRIVERS>\tHDWjif.dll
- %WINDIR%\GayJQuD.dll
- <SYSTEM32>\cjIRA.exe
- %WINDIR%\APBvhdB.exe
- %WINDIR%\HOuJL.exe
- <DRIVERS>\IRcECtCq.exe
- %WINDIR%\LNcRXASk.dll
- %WINDIR%\iUtbn.dll
- <DRIVERS>\igecee.exe
- %WINDIR%\qesbJhyt.exe
- <DRIVERS>\ANgprNyuv.dll
- %WINDIR%\oYwWJjP.exe
- <SYSTEM32>\TBNvV.exe
- %WINDIR%\REAaEWsk.dll
- <SYSTEM32>\XdWOOB.dll
- <DRIVERS>\xVkGOW.exe
- %WINDIR%\SVHQvLg.dll
- <DRIVERS>\kjxqmmpp.exe
- %WINDIR%\kosxlYPD.dll
- %WINDIR%\JVAIUCf.dll
- %WINDIR%\phxIak.exe
- %WINDIR%\VfwLii.exe
- <DRIVERS>\YJeFcxsqP.exe
- <DRIVERS>\QHjpaKj.dll
- <SYSTEM32>\lLiYckt.exe
- <SYSTEM32>\UirwE.exe
- <DRIVERS>\PcqgiW.dll
- <DRIVERS>\VdviCC.exe
- <DRIVERS>\jJvcY.exe
- <DRIVERS>\pwilL.exe
- %WINDIR%\jmSJrdkFg.exe
- <DRIVERS>\wmjsfTaT.dll
- %WINDIR%\KlSBtnK.exe
- %WINDIR%\rUgKNv.dll
- %WINDIR%\kGXPxE.dll
- %WINDIR%\htfEvpAho.exe
- %WINDIR%\jjexpn.exe
- <SYSTEM32>\irnCTln.dll
- <DRIVERS>\RLDgpIorc.dll
- <SYSTEM32>\sWEfHp.exe
- <DRIVERS>\Ufmhu.exe
- <DRIVERS>\BAXMjoSc.dll
- %WINDIR%\xgrLngnrk.exe
- %WINDIR%\UyWJl.dll
- %WINDIR%\VPhnjeS.exe
- %WINDIR%\JLccp.dll
- %WINDIR%\HNCqnPq.dll
- <DRIVERS>\PQBUY.dll
- <SYSTEM32>\psJfdvoci.dll
- %WINDIR%\SBikKCtDb.dll
- <DRIVERS>\TrtBrOP.dll
- %WINDIR%\VBYfFR.exe
- <SYSTEM32>\GdMfq.exe
- <DRIVERS>\TLroSewn.exe
- %WINDIR%\PSfqL.dll
- <DRIVERS>\RnCYIWoVX.exe
- <SYSTEM32>\pVvCv.exe
- %WINDIR%\xuSUHvHJ.exe
- %WINDIR%\mbyFEouBH.exe
- <DRIVERS>\cUwecywW.dll
- <DRIVERS>\pCwQcVhK.exe
- <SYSTEM32>\jJPmtq.dll
- <SYSTEM32>\MawDVnY.exe
- <DRIVERS>\PaXysjPg.dll
- <SYSTEM32>\VWTqCvGLG.exe
- %WINDIR%\flBSLyeo.exe
- <DRIVERS>\vxHNNRgJy.exe
- <DRIVERS>\CqvMUdvr.exe
- <SYSTEM32>\ENwfPviug.exe
- %WINDIR%\jRUoUhRkl.dll
- <SYSTEM32>\oTyExo.dll
- <DRIVERS>\DVgaMjHw.dll
- %WINDIR%\uflNEO.dll
- %WINDIR%\HIebAvTiu.dll
- <SYSTEM32>\HmLGN.dll
- <SYSTEM32>\TdJqw.dll
- %WINDIR%\iJAAB.exe
- %WINDIR%\sObGWSw.dll
- <DRIVERS>\obvXRSpw.exe
- %WINDIR%\IQrEYsVHi.exe
- %WINDIR%\okepTOSkW.dll
- %WINDIR%\TLngcp.exe
- %WINDIR%\BGLoCvQb.dll
- <DRIVERS>\RHtwuyq.exe
- %WINDIR%\lVjjBUMXW.exe
- <SYSTEM32>\GLIMeFCXG.dll
- %WINDIR%\qtFQwkpKf.exe
- <DRIVERS>\RKFxqc.exe
- %WINDIR%\AfihahULC.dll
- <SYSTEM32>\ydTgDBBj.dll
- <DRIVERS>\Riiybc.exe
- <SYSTEM32>\hoWkRFb.dll
- <SYSTEM32>\SSrRJeuF.exe
- <DRIVERS>\PaqPSEbg.dll
- <DRIVERS>\iIYmGgmG.dll
- %WINDIR%\BvWvnHV.exe
- <DRIVERS>\oxleuiM.exe
Сетевая активность:
Подключается к:
- 'www.sp##v.com':80
TCP:
Запросы HTTP GET:
- www.sp##v.com/protection/?i=##################################################################################################################################
UDP:
- DNS ASK www.sp##v.com
Другое:
Ищет следующие окна:
- ClassName: 'Shell_TrayWnd' WindowName: ''
