Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Audio HD Driver' = '%TEMP%\AHLQvShbijDM.exe'
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'Audio HD Driver' = '%TEMP%\AHLQvShbijDM.exe'
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'conhost' = '%APPDATA%\Microsoft\conhost.exe'
- hidden files
- [<HKCU>\Software\Microsoft\windows\CurrentVersion\Internet Settings] 'ProxyEnable' = '00000001'
- [<HKCU>\Software\Microsoft\windows\CurrentVersion\Internet Settings] 'ProxyServer' = 'http=127.0.0.1:50202'
- %TEMP%\ahlqvshbijdm.exe
- %APPDATA%\ahlqvshbijdm.exe
- %APPDATA%\microsoft\conhost.exe
- %APPDATA%\e7ce.8b3
- http://pr####lreviews.com/images/113.jpg?tq######################################################################################################################################################...
- http://zo##ak.com/images/im133.jpg?tq#########################################################
- DNS ASK pr####lreviews.com
- DNS ASK zo##tf.com
- DNS ASK di#####ntdata-one.com
- DNS ASK zo##ak.com