Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Jovu' = '%TEMP%\Wolueb\jovu.exe'
- [<HKLM>\SYSTEM\ControlSet001\services\a6630428c375d8] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\services\a6630428c375d8] 'ImagePath' = '<DRIVERS>\a6630428c375d8.sys'
- [<HKLM>\SYSTEM\ControlSet001\services\92a89] 'Start' = '00000001'
- '%TEMP%\Wolueb\jovu.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\FirewallControlPanel.dll,ShowNotificationDialog /ETOnly 0 /OnProfiles 6 /OtherAllowed 0 /OtherBlocked 0 /OtherEdgeAllowed 0 /NewBlocked 4 "<SYSTEM32>\taskhost.exe"
- <SYSTEM32>\cmd.exe
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\xglzpaqqkvslxmjfyjflnsvooflb_biz[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\lbdeappuqcmonknylfycejn_ru[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\fifeeacaspcqmrojlbtdnfpjkb_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\zhzvshvgvghwgkjkvfqzpkjhi_info[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\vwofzxtszhsuordapbdgeprgigm_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ghrckfxcskrlfvktwiblozpz_net[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\cmpzaiaufadxkkraifelscaq_org[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\sgeidexdygmnvvkhugyorpp_info[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\aipngefyqwlvdnftcthcvgdimjh_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\dukfwolhubuyhhlovwghhhcubu_net[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\dadinxyheqeyuoynzfypbfabxokn_biz[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\pfvttkzllvxnvgiobbejbayuolj_ru[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\lzbudealmzhqqowgffetlr_org[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\amofrgqwcikrvgjrpjpmbofduhn_biz[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ugdhxgezxvwxhopjmjmobpbnj_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\capbxkvkcuhsiztcokjfykrovea_biz[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\bezddicmrgsotwaiplbaovdxsfab_org[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ssoldegikjtbilbpretmz_info[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\jnlbeicmmvzpdshyhbdycmmj_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ypxxkluwxqgailvaiyhvwcqhpj_net[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\pnrwpzhnvsgpcinjdhuskpvce_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\hlfvqcgmdagwgqwzhaemzfnxor_ru[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\hbewkvnrmfqgphqmnlthov_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\thilhojpbiqaegmxwdqqgmrhmlj_net[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\yjfwkdmkfifqgjzssauqwkb_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ccyjvbuhynffieqhozpffm_ru[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\fapfbyvgrgambegqkneuypztnrfdro_org[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\qtssoaqbmaqhnzfhqzxslzxsp_ru[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\qkfefsgtwhibxrcywsciytd_biz[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\lfcqvgrpfajbnrhhqtkgupbyxjn_info[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\hqdmroxctuwzdixdqkjpvzdts_info[1]
- <LS_APPDATA>\Microsoft\Windows Mail\Local Folders\Outbox\winmail.fol
- <LS_APPDATA>\Microsoft\Windows Mail\Local Folders\Inbox\winmail.fol
- <LS_APPDATA>\Microsoft\Windows Mail\edb.log
- <LS_APPDATA>\Microsoft\Windows Mail\Local Folders\Sent Items\winmail.fol
- <LS_APPDATA>\Microsoft\Windows Mail\Local Folders\Junk E-mail\winmail.fol
- <LS_APPDATA>\Microsoft\Windows Mail\Local Folders\Drafts\winmail.fol
- <LS_APPDATA>\Microsoft\Windows Mail\Local Folders\Deleted Items\winmail.fol
- <LS_APPDATA>\Microsoft\Windows Mail\Backup\temp\WindowsMail.pat
- <DRIVERS>\a6630428c375d8.sys
- <DRIVERS>\92a89.sys
- %TEMP%\Wolueb\jovu.exe
- <LS_APPDATA>\Microsoft\Windows Mail\tmp.edb
- <LS_APPDATA>\Microsoft\Windows Mail\Backup\temp\edb00002.log
- <LS_APPDATA>\Microsoft\Windows Mail\edbtmp.log
- <LS_APPDATA>\Microsoft\Windows Mail\Backup\temp\WindowsMail.MSMessageStore
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\aiztauhixylhgqprcymnfaeu_org[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\sccmhpfrbicqlpbxstknuoha_net[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\onlbixkfepnmntclhqqknfjbipr_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\aupfylznrnvihmbzxirampx_biz[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ngquaqbmvcllvowgjnqhu_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\cuvcwcvwrkknxpnjhytvcyxdupp_ru[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\lrnbhsrgdunfobdqpjnmrkbsc_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ayhumlfyxljuslgmdarhamibvgqc_ru[1]
- %TEMP%\TXB68AF.bat
- <LS_APPDATA>\Microsoft\Windows Mail\Local Folders\Inbox\4E012D8E-00000001.eml:OECustomProperty
- <LS_APPDATA>\Microsoft\Windows Mail\Local Folders\Inbox\4E012D8E-00000001.eml
- %TEMP%\CabB00C.tmp
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\nfjvyxqkohxkrbaojqctoyl_biz[1]
- %TEMP%\ppcrlui_1872_2
- %TEMP%\TarB00D.tmp
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ccyjvbuhynffieqhozpffm_ru[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\vwofzxtszhsuordapbdgeprgigm_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\yjfwkdmkfifqgjzssauqwkb_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\fapfbyvgrgambegqkneuypztnrfdro_org[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\thilhojpbiqaegmxwdqqgmrhmlj_net[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ghrckfxcskrlfvktwiblozpz_net[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\lbdeappuqcmonknylfycejn_ru[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\fifeeacaspcqmrojlbtdnfpjkb_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\xglzpaqqkvslxmjfyjflnsvooflb_biz[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\cmpzaiaufadxkkraifelscaq_org[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\zhzvshvgvghwgkjkvfqzpkjhi_info[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\jnlbeicmmvzpdshyhbdycmmj_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\capbxkvkcuhsiztcokjfykrovea_biz[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\hlfvqcgmdagwgqwzhaemzfnxor_ru[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ypxxkluwxqgailvaiyhvwcqhpj_net[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\pnrwpzhnvsgpcinjdhuskpvce_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\bezddicmrgsotwaiplbaovdxsfab_org[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\qkfefsgtwhibxrcywsciytd_biz[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\lfcqvgrpfajbnrhhqtkgupbyxjn_info[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\qtssoaqbmaqhnzfhqzxslzxsp_ru[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ssoldegikjtbilbpretmz_info[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\hbewkvnrmfqgphqmnlthov_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\sccmhpfrbicqlpbxstknuoha_net[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\onlbixkfepnmntclhqqknfjbipr_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\aiztauhixylhgqprcymnfaeu_org[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\lrnbhsrgdunfobdqpjnmrkbsc_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\aupfylznrnvihmbzxirampx_biz[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ayhumlfyxljuslgmdarhamibvgqc_ru[1]
- %TEMP%\CabB00C.tmp
- <DRIVERS>\92a89.sys
- %TEMP%\TarB00D.tmp
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\nfjvyxqkohxkrbaojqctoyl_biz[1]
- %TEMP%\ppcrlui_1872_2
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ugdhxgezxvwxhopjmjmobpbnj_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\pfvttkzllvxnvgiobbejbayuolj_ru[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\amofrgqwcikrvgjrpjpmbofduhn_biz[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\sgeidexdygmnvvkhugyorpp_info[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\lzbudealmzhqqowgffetlr_org[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\aipngefyqwlvdnftcthcvgdimjh_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ngquaqbmvcllvowgjnqhu_com[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\cuvcwcvwrkknxpnjhytvcyxdupp_ru[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\hqdmroxctuwzdixdqkjpvzdts_info[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\dukfwolhubuyhhlovwghhhcubu_net[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\dadinxyheqeyuoynzfypbfabxokn_biz[1]
- <LS_APPDATA>\Microsoft\Windows Mail\edbtmp.log в <LS_APPDATA>\Microsoft\Windows Mail\edb.log
- 'cc######ynffieqhozpffm.ru':80
- 'vw#######hsuordapbdgeprgigm.com':80
- 'yj######fifqgjzssauqwkb.com':80
- 'fa########ambegqkneuypztnrfdro.org':80
- 'th#######iqaegmxwdqqgmrhmlj.net':80
- 'xg########slxmjfyjflnsvooflb.biz':80
- 'lb######qcmonknylfycejn.ru':80
- 'zh#######ghwgkjkvfqzpkjhi.info':80
- 'gh#######krlfvktwiblozpz.net':80
- 'cm#######adxkkraifelscaq.org':80
- 'lf########jbnrhhqtkgupbyxjn.info':80
- 'jn#######vzpdshyhbdycmmj.com':80
- 'ca#######uhsiztcokjfykrovea.biz':80
- 'hl#######agwgqwzhaemzfnxor.ru':80
- 'yp#######qgailvaiyhvwcqhpj.net':80
- 'pn#######sgpcinjdhuskpvce.com':80
- 'qt#######aqhnzfhqzxslzxsp.ru':80
- 'qk######whibxrcywsciytd.biz':80
- 'hb######mfqgphqmnlthov.com':80
- 'be########sotwaiplbaovdxsfab.org':80
- 'ss######kjtbilbpretmz.info':80
- 'ai#######ylhgqprcymnfaeu.org':80
- 'sc#######icqlpbxstknuoha.net':80
- 'au######rnvihmbzxirampx.biz':80
- 'cu#######kknxpnjhytvcyxdupp.ru':80
- 'lr#######unfobdqpjnmrkbsc.com':80
- 'www.bing.com':80
- '74.##5.232.51':80
- 'nf######ohxkrbaojqctoyl.biz':80
- 'on#######pnmntclhqqknfjbipr.com':80
- 'ay#######ljuslgmdarhamibvgqc.ru':80
- 'ng######vcllvowgjnqhu.com':80
- 'am#######ikrvgjrpjpmbofduhn.biz':80
- 'ug#######vwxhopjmjmobpbnj.com':80
- 'lz######mzhqqowgffetlr.org':80
- 'fi#######pcqmrojlbtdnfpjkb.com':80
- 'sg#######gmnvvkhugyorpp.info':80
- 'da########eyuoynzfypbfabxokn.biz':80
- 'hq#######uwzdixdqkjpvzdts.info':80
- 'du#######buyhhlovwghhhcubu.net':80
- 'pf#######vxnvgiobbejbayuolj.ru':80
- 'ai#######wlvdnftcthcvgdimjh.com':80
- cc######ynffieqhozpffm.ru/
- vw#######hsuordapbdgeprgigm.com/
- yj######fifqgjzssauqwkb.com/
- fa########ambegqkneuypztnrfdro.org/
- th#######iqaegmxwdqqgmrhmlj.net/
- xg########slxmjfyjflnsvooflb.biz/
- lb######qcmonknylfycejn.ru/
- zh#######ghwgkjkvfqzpkjhi.info/
- gh#######krlfvktwiblozpz.net/
- cm#######adxkkraifelscaq.org/
- lf########jbnrhhqtkgupbyxjn.info/
- jn#######vzpdshyhbdycmmj.com/
- ca#######uhsiztcokjfykrovea.biz/
- hl#######agwgqwzhaemzfnxor.ru/
- yp#######qgailvaiyhvwcqhpj.net/
- pn#######sgpcinjdhuskpvce.com/
- qt#######aqhnzfhqzxslzxsp.ru/
- qk######whibxrcywsciytd.biz/
- hb######mfqgphqmnlthov.com/
- be########sotwaiplbaovdxsfab.org/
- ss######kjtbilbpretmz.info/
- ai#######ylhgqprcymnfaeu.org/
- sc#######icqlpbxstknuoha.net/
- au######rnvihmbzxirampx.biz/
- cu#######kknxpnjhytvcyxdupp.ru/
- lr#######unfobdqpjnmrkbsc.com/
- www.bing.com/
- 74.##5.232.51/
- nf######ohxkrbaojqctoyl.biz/
- on#######pnmntclhqqknfjbipr.com/
- ay#######ljuslgmdarhamibvgqc.ru/
- ng######vcllvowgjnqhu.com/
- am#######ikrvgjrpjpmbofduhn.biz/
- ug#######vwxhopjmjmobpbnj.com/
- lz######mzhqqowgffetlr.org/
- fi#######pcqmrojlbtdnfpjkb.com/
- sg#######gmnvvkhugyorpp.info/
- da########eyuoynzfypbfabxokn.biz/
- hq#######uwzdixdqkjpvzdts.info/
- du#######buyhhlovwghhhcubu.net/
- pf#######vxnvgiobbejbayuolj.ru/
- ai#######wlvdnftcthcvgdimjh.com/
- DNS ASK xg########slxmjfyjflnsvooflb.biz
- DNS ASK lb######qcmonknylfycejn.ru
- DNS ASK fi#######pcqmrojlbtdnfpjkb.com
- DNS ASK zh#######ghwgkjkvfqzpkjhi.info
- DNS ASK vw#######hsuordapbdgeprgigm.com
- DNS ASK gh#######krlfvktwiblozpz.net
- DNS ASK cm#######adxkkraifelscaq.org
- DNS ASK sg#######gmnvvkhugyorpp.info
- DNS ASK ai#######wlvdnftcthcvgdimjh.com
- DNS ASK du#######buyhhlovwghhhcubu.net
- DNS ASK da########eyuoynzfypbfabxokn.biz
- DNS ASK pf#######vxnvgiobbejbayuolj.ru
- DNS ASK lz######mzhqqowgffetlr.org
- DNS ASK am#######ikrvgjrpjpmbofduhn.biz
- DNS ASK ug#######vwxhopjmjmobpbnj.com
- DNS ASK ca#######uhsiztcokjfykrovea.biz
- DNS ASK be########sotwaiplbaovdxsfab.org
- DNS ASK ss######kjtbilbpretmz.info
- DNS ASK jn#######vzpdshyhbdycmmj.com
- DNS ASK yp#######qgailvaiyhvwcqhpj.net
- DNS ASK pn#######sgpcinjdhuskpvce.com
- DNS ASK hl#######agwgqwzhaemzfnxor.ru
- DNS ASK hb######mfqgphqmnlthov.com
- DNS ASK th#######iqaegmxwdqqgmrhmlj.net
- DNS ASK yj######fifqgjzssauqwkb.com
- DNS ASK cc######ynffieqhozpffm.ru
- DNS ASK fa########ambegqkneuypztnrfdro.org
- DNS ASK qt#######aqhnzfhqzxslzxsp.ru
- DNS ASK qk######whibxrcywsciytd.biz
- DNS ASK lf########jbnrhhqtkgupbyxjn.info
- DNS ASK ln########wameiuoinylhkrfmpv.biz
- DNS ASK nf######ohxkrbaojqctoyl.biz
- DNS ASK ay#######ljuslgmdarhamibvgqc.ru
- DNS ASK on#######pnmntclhqqknfjbipr.com
- DNS ASK hq#######uwzdixdqkjpvzdts.info
- DNS ASK www.google.com
- DNS ASK www.bing.com
- DNS ASK lr#######unfobdqpjnmrkbsc.com
- DNS ASK cu#######kknxpnjhytvcyxdupp.ru
- DNS ASK ng######vcllvowgjnqhu.com
- DNS ASK sc#######icqlpbxstknuoha.net
- DNS ASK ai#######ylhgqprcymnfaeu.org
- DNS ASK au######rnvihmbzxirampx.biz
- '19#.#7.198.162':2096
- '13#.#1.49.30':2838
- '67.##8.254.65':2923
- '13#.#7.198.100':2430
- '61.##4.150.9':6958
- '19#.#34.52.206':9329
- '17#.#9.110.91':1442
- '31.##.186.225':7922
- '13#.#17.197.217':5848
- '84.##.219.81':5737
- '23.##.133.13':7608
- '23.#6.34.43':6953
- '13#.#17.72.241':1768
- '37.##.41.161':2190
- '87.##3.112.229':5528
- '16#.#3.211.182':8424
- '23.##.64.182':7013
- '16#.#1.80.142':9272
- '2.##.58.208':5844
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'OutlookExpressHiddenWindow' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'