Техническая информация
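Параметры службы Windows в реестре (значение 'Start' = 2 означает автоматический запуск службы при загрузке системы; 'ImagePath' задаёт путь к исполняемому файлу службы):
- [<HKLM>\System\CurrentControlSet\Services\Peer Connectivity PNRP Video Proxy Firewall] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Peer Connectivity PNRP Video Proxy Firewall] 'ImagePath' = 'C:\ty2lu8fm\u7ljkasph4i.exe'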
- %WINDIR%\ty2lu8fm\dryjyix
- C:\ty2lu8fm\dryjyix
- C:\ty2lu8fm\osiaphpmzg7loqkilyebovs.exe
- C:\ty2lu8fm\u7ljkasph4i.exe
- C:\ty2lu8fm\zwyvcqxblz3.exe
- C:\ty2lu8fm\phai8dijke8a
- C:\ty2lu8fm\u7ljkasph4i.exe
- C:\ty2lu8fm\zwyvcqxblz3.exe
- %WINDIR%\ty2lu8fm\dryjyix
- C:\ty2lu8fm\osiaphpmzg7loqkilyebovs.exe
- %WINDIR%\ty2lu8fm\dryjyix
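Примечание: символы '#' в именах доменов ниже, по-видимому, заменяют скрытые автором отчёта символы, поэтому эти записи не являются полными именами и не подходят для точного сопоставления в журналах DNS и прокси.
- 'ta#####pielenreiten.org':80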
- 'un###lgrain.org':80
- http://so####ryducks.com/index.php
- http://sp##tnav.ru/index.php
- http://do##bate.cn/index.php
- http://cl####portsmen.com/index.php
- DNS ASK ha####nhalflion.net
- DNS ASK cl####portsmen.com
- DNS ASK do##bate.cn
- DNS ASK pi##asia.cn
- DNS ASK sp##tnav.ru
- DNS ASK pr##card.ru
- DNS ASK ch####isportsmen.ru
- DNS ASK sc#####epuzzlechess.org
- DNS ASK ta#####pielenreiten.org
- DNS ASK bu####rmansion.com
- DNS ASK so####ryducks.com
- DNS ASK ka#######ayajivayapriroda.ru
- DNS ASK gu##155.cn
- DNS ASK ye####gdongwu.cn
- DNS ASK ag#####anabolics.com
- DNS ASK cl#####ortswomen.com
- DNS ASK ga#####yundongyuan.cn
- DNS ASK to###tosales.ru
- DNS ASK un###lgrain.org
- 'C:\ty2lu8fm\osiaphpmzg7loqkilyebovs.exe'
- 'C:\ty2lu8fm\u7ljkasph4i.exe'
- 'C:\ty2lu8fm\zwyvcqxblz3.exe' "c:\ty2lu8fm\u7ljkasph4i.exe"