Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Control IP Scheduler Spooler Window' = 'C:\ujiqvimz\gdicefp.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Now Connect Ordering Procedure] 'Start' = '00000002'
- 'C:\ujiqvimz\nmbiydqjmtkd.exe' "c:\ujiqvimz\gdicefp.exe"
- 'C:\ujiqvimz\gdicefp.exe'
- 'C:\ujiqvimz\zay4oohvw8rczkdcd.exe'
- C:\ujiqvimz\gdicefp.exe
- C:\ujiqvimz\nmbiydqjmtkd.exe
- C:\ujiqvimz\zay4oohvw8rczkdcd.exe
- %WINDIR%\ujiqvimz\ikvneveaq
- C:\ujiqvimz\ikvneveaq
- C:\ujiqvimz\nmbiydqjmtkd.exe
- C:\ujiqvimz\gdicefp.exe
- C:\ujiqvimz\zay4oohvw8rczkdcd.exe
- %WINDIR%\ujiqvimz\ikvneveaq
- 'pa###bridge.net':80
- 'fi###bridge.net':80
- 'pa####icycle.net':80
- 'wo###whose.net':80
- 'pa###except.net':80
- 'fi###except.net':80
- http://pa###bridge.net/index.php
- http://fi###bridge.net/index.php
- http://pa####icycle.net/index.php
- http://wo###whose.net/index.php
- http://pa###except.net/index.php
- http://fi###except.net/index.php
- DNS ASK fi###bridge.net
- DNS ASK pa###bridge.net
- DNS ASK fi####icycle.net
- DNS ASK pa####icycle.net
- DNS ASK sm###whose.net
- DNS ASK wo###whose.net
- DNS ASK fi###except.net
- DNS ASK pa###except.net
- ClassName: 'Shell_TrayWnd' WindowName: ''