Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Receiver Base Socket Interactive Telephony' = '<SYSTEM32>\qkaxzecs.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\qkaxzecs.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\Power Visual Resolution Connectivity CardSpace] 'Start' = '00000002'
- Центр обеспечения безопасности (Security Center)
- '<SYSTEM32>\vhiebphic.exe' "<SYSTEM32>\qkaxzecs.exe"
- '%WINDIR%\Temp\cd9kvd65iemil.exe' -r 32316 tcp
- '%TEMP%\cd9kvd4ynumiseyqunup.exe'
- '<SYSTEM32>\qkaxzecs.exe'
- <SYSTEM32>\copwoiw\run
- <SYSTEM32>\copwoiw\rng
- %WINDIR%\Temp\cd9kvd65iemil.exe
- <SYSTEM32>\copwoiw\cfg
- <SYSTEM32>\vhiebphic.exe
- %TEMP%\cd9kvd4ynumiseyqunup.exe
- <SYSTEM32>\copwoiw\tst
- <SYSTEM32>\qkaxzecs.exe
- <SYSTEM32>\copwoiw\etc
- <SYSTEM32>\vhiebphic.exe
- <SYSTEM32>\qkaxzecs.exe
- %TEMP%\cd9kvd4ynumiseyqunup.exe
- <DRIVERS>\etc\hosts
- DNS ASK ga########all-talk-community.com