Техническая информация
- [<HKCU>\software\microsoft\windows\currentversion\run] 'UaYIcAMo.exe' = '%HOMEPATH%\eikIkgko\UaYIcAMo.exe' (ключ автозапуска: файл запускается при входе пользователя в систему)
- [<HKLM>\System\CurrentControlSet\Services\cMUMYAvl] 'Start' = '00000002' (значение 2 — автоматический запуск службы при старте системы)
- [<HKLM>\System\CurrentControlSet\Services\cMUMYAvl] 'ImagePath' = '%ALLUSERSPROFILE%\aCIwAIck\ACMoYgkg.exe'
- 'cMUMYAvl' %ALLUSERSPROFILE%\aCIwAIck\ACMoYgkg.exe
- %HOMEPATH%\eikikgko\uayicamo
- %ALLUSERSPROFILE%\raqgqmme\ocmsmies
- %HOMEPATH%\eikikgko\uayicamo.exe
- %ALLUSERSPROFILE%\aciwaick\acmoygkg.exe
- %WINDIR%\syswow64\config\systemprofile\eikikgko\uayicamo
- %ALLUSERSPROFILE%\byks.txt
- <Текущая директория>\kwqs.ico
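- http://google.com/ (легитимный адрес; вероятно, используется для проверки подключения к сети и сам по себе не является индикатором компрометации)
- DNS ASK bl##k.io (по-видимому, часть символов домена скрыта знаками '#')
- DNS ASK google.com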
- ClassName: '' WindowName: 'OcMsMIEs.exe'
- ClassName: '' WindowName: 'Microsoft Windows'
- '%HOMEPATH%\eikikgko\uayicamo.exe'
- '%ALLUSERSPROFILE%\aciwaick\acmoygkg.exe'