Technical Information
- [HKLM\System\CurrentControlSet\Services\VC Network Client Error Print Telephony Agent] 'Start' = '00000002'
- [HKLM\System\CurrentControlSet\Services\VC Network Client Error Print Telephony Agent] 'ImagePath' = 'C:\zjbizzibnmzyltw\ylyuxyde.exe'
- 'VC Network Client Error Print Telephony Agent' C:\zjbizzibnmzyltw\ylyuxyde.exe
- %WINDIR%\zjbizzibnmzyltw\plhqykkv
- C:\zjbizzibnmzyltw\plhqykkv
- C:\zjbizzibnmzyltw\aqngr4lffiecn2xc.exe
- C:\zjbizzibnmzyltw\ylyuxyde.exe
- C:\zjbizzibnmzyltw\tpyjphlvahx.exe
- C:\zjbizzibnmzyltw\mmg3cb0v
- C:\zjbizzibnmzyltw\ylyuxyde.exe
- C:\zjbizzibnmzyltw\tpyjphlvahx.exe
- %WINDIR%\zjbizzibnmzyltw\plhqykkv
- C:\zjbizzibnmzyltw\aqngr4lffiecn2xc.exe
- %WINDIR%\zjbizzibnmzyltw\plhqykkv
- 'ex####success.net':80
- 'pe####success.net':80
- 'fa###yfound.net':80
- 'fa####success.net':80
- 'en####hfound.net':80
- 'ma####eguard.net':80
- http://ex####success.net/index.php?me########
- http://pe####success.net/index.php?me########
- http://fa###yfound.net/index.php?me########
- http://fa####success.net/index.php?me########
- http://en####hfound.net/index.php?me########
- http://ma####eguard.net/index.php?me########
- DNS ASK ei####before.net
- DNS ASK ei####spring.net
- DNS ASK en####hfound.net
- DNS ASK ei###rfound.net
- DNS ASK fa####banker.net
- DNS ASK ch####enbanker.net
- DNS ASK fa####success.net
- DNS ASK ch####ensuccess.net
- DNS ASK fa####spring.net
- DNS ASK ch####enspring.net
- DNS ASK fa###yfound.net
- DNS ASK ch####enfound.net
- DNS ASK ci####ttebanker.net
- DNS ASK pi####ebanker.net
- DNS ASK ci#####tesuccess.net
- DNS ASK pi####esuccess.net
- DNS ASK ci####ttespring.net
- DNS ASK pi####espring.net
- DNS ASK en####hspring.net
- DNS ASK ei####success.net
- DNS ASK en####hsuccess.net
- DNS ASK ei####banker.net
- DNS ASK su####airplane.net
- DNS ASK ma####efence.net
- DNS ASK pe###nfence.net
- DNS ASK ma####eguard.net
- DNS ASK pe###nguard.net
- DNS ASK ma####estraight.net
- DNS ASK pe####straight.net
- DNS ASK ma####eairplane.net
- DNS ASK be####efence.net
- DNS ASK pe####airplane.net
- DNS ASK ex###tfence.net
- DNS ASK be####eguard.net
- DNS ASK ex###tguard.net
- DNS ASK be####estraight.net
- DNS ASK ex####straight.net
- DNS ASK be####eairplane.net
- DNS ASK ex####airplane.net
- DNS ASK en####hbanker.net
- DNS ASK fo####nairplane.net
- DNS ASK ci####ttefound.net
- DNS ASK pi####efound.net
- DNS ASK th####banker.net
- DNS ASK ma####ebanker.net
- DNS ASK pe####banker.net
- DNS ASK ma####esuccess.net
- DNS ASK pe####success.net
- DNS ASK ma####espring.net
- DNS ASK pe####spring.net
- DNS ASK ma####efound.net
- DNS ASK pe###nfound.net
- DNS ASK be####ebanker.net
- DNS ASK ex####banker.net
- DNS ASK be####esuccess.net
- DNS ASK ex####success.net
- DNS ASK be####espring.net
- DNS ASK ex####spring.net
- DNS ASK be####efound.net
- DNS ASK ex###tfound.net
- DNS ASK en####hbefore.net
- DNS ASK su###nfound.net
- DNS ASK fo####nfound.net
- DNS ASK su####spring.net
- DNS ASK fo####nspring.net
- DNS ASK th####success.net
- DNS ASK fi####success.net
- DNS ASK th####spring.net
- DNS ASK fi####spring.net
- DNS ASK th###hfound.net
- DNS ASK fi###efound.net
- DNS ASK ri###banker.net
- DNS ASK wh####rbanker.net
- DNS ASK wh####rsuccess.net
- DNS ASK ri####uccess.net
- DNS ASK ri###spring.net
- DNS ASK wh####rspring.net
- DNS ASK ri###found.net
- DNS ASK wh####rfound.net
- DNS ASK fo####nbanker.net
- DNS ASK su####banker.net
- DNS ASK fo####nsuccess.net
- DNS ASK su####success.net
- DNS ASK fi####banker.net
- DNS ASK su####straight.net
- 'C:\zjbizzibnmzyltw\aqngr4lffiecn2xc.exe'
- 'C:\zjbizzibnmzyltw\ylyuxyde.exe'
- 'C:\zjbizzibnmzyltw\tpyjphlvahx.exe' "c:\zjbizzibnmzyltw\ylyuxyde.exe"