Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Access Interface Secure Encryption' = 'C:\xnuwnxfzgb\jwxkyvykr.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Fax PnP-X Parental Power] 'Start' = '00000002'
- 'C:\xnuwnxfzgb\htdrfgezanir.exe' "c:\xnuwnxfzgb\jwxkyvykr.exe"
- 'C:\xnuwnxfzgb\jwxkyvykr.exe'
- 'C:\xnuwnxfzgb\vj052g5chm6cnnh.exe'
- C:\xnuwnxfzgb\jwxkyvykr.exe
- C:\xnuwnxfzgb\htdrfgezanir.exe
- C:\xnuwnxfzgb\ifnfjteu5h
- %WINDIR%\xnuwnxfzgb\tnozxz
- C:\xnuwnxfzgb\tnozxz
- C:\xnuwnxfzgb\vj052g5chm6cnnh.exe
- C:\xnuwnxfzgb\htdrfgezanir.exe
- C:\xnuwnxfzgb\jwxkyvykr.exe
- C:\xnuwnxfzgb\vj052g5chm6cnnh.exe
- %WINDIR%\xnuwnxfzgb\tnozxz
- 'he###while.net':80
- 'di#####ltquestion.net':80
- 'he####uestion.net':80
- 'di####ultschool.net':80
- 'he###school.net':80
- 'di####ultwhile.net':80
- http://he###while.net/index.php?me########
- http://di#####ltquestion.net/index.php?me########
- http://he####uestion.net/index.php?me########
- http://di####ultschool.net/index.php?me########
- http://he###school.net/index.php?me########
- http://di####ultwhile.net/index.php?me########
- DNS ASK di#####lttherefore.net
- DNS ASK he####uestion.net
- DNS ASK pl####ntschool.net
- DNS ASK he####herefore.net
- DNS ASK di#####ltquestion.net
- DNS ASK he###school.net
- DNS ASK di####ultschool.net
- DNS ASK he###while.net
- DNS ASK di####ultwhile.net
- ClassName: 'Shell_TrayWnd' WindowName: ''