Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Interactive WLAN Counter Class' = 'C:\fhhpqhx\ybztrujml.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Networking Disk Extensible Isolation Receiver] 'Start' = '00000002'
- 'C:\fhhpqhx\dqwtifbqnpf.exe' "c:\fhhpqhx\ybztrujml.exe"
- 'C:\fhhpqhx\ybztrujml.exe'
- 'C:\fhhpqhx\z9ow2n4hxrsgawnw6ak.exe'
- C:\fhhpqhx\ybztrujml.exe
- C:\fhhpqhx\dqwtifbqnpf.exe
- C:\fhhpqhx\rmuht5cktmmu
- %WINDIR%\fhhpqhx\ddkclvl
- C:\fhhpqhx\ddkclvl
- C:\fhhpqhx\z9ow2n4hxrsgawnw6ak.exe
- C:\fhhpqhx\dqwtifbqnpf.exe
- C:\fhhpqhx\ybztrujml.exe
- C:\fhhpqhx\z9ow2n4hxrsgawnw6ak.exe
- %WINDIR%\fhhpqhx\ddkclvl
- 'ag####tfather.net':80
- 'do###father.net':80
- 'qu####ontrol.net':80
- 'se####control.net':80
- 'ag####tbuilt.net':80
- 'do###built.net':80
- 'ag####tapple.net':80
- 'do###apple.net':80
- 'se####together.net':80
- 'br####ontrol.net':80
- 'qu###matter.net':80
- 'br####ogether.net':80
- 'fl####ontrol.net':80
- 'se###nspent.net':80
- 'qu####ogether.net':80
- 'se####matter.net':80
- 'qu###spent.net':80
- 'ca####nfather.net':80
- 'la###apple.net':80
- 'de###ecarry.net':80
- 'la###father.net':80
- 'ca####nbuilt.net':80
- 'la###carry.net':80
- 'ca####napple.net':80
- 'la###built.net':80
- 'ni###carry.net':80
- 'ni###father.net':80
- 'de####father.net':80
- 'ag####tcarry.net':80
- 'do###carry.net':80
- 'ni###built.net':80
- 'de###ebuilt.net':80
- 'ni###apple.net':80
- 'de###eapple.net':80
- 'fl####ogether.net':80
- 'el#####ctogether.net':80
- 're####control.net':80
- 'el####icspent.net':80
- 're####together.net':80
- 'tr###matter.net':80
- 'st###tspent.net':80
- 'el####iccontrol.net':80
- 'st####matter.net':80
- 're###dspent.net':80
- 'la####ogether.net':80
- 'ca####ntogether.net':80
- 'la###spent.net':80
- 'ca####nspent.net':80
- 're####matter.net':80
- 'el####icmatter.net':80
- 'la####ontrol.net':80
- 'ca####ncontrol.net':80
- 'be####control.net':80
- 'ga####control.net':80
- 'be####together.net':80
- 'ga####together.net':80
- 'fl###spent.net':80
- 'br###spent.net':80
- 'fl###matter.net':80
- 'br###matter.net':80
- 'ga###rspent.net':80
- 'tr####ogether.net':80
- 'st####control.net':80
- 'tr###spent.net':80
- 'st####together.net':80
- 'ga####matter.net':80
- 'be###rspent.net':80
- 'tr####ontrol.net':80
- 'be####matter.net':80
- http://ag####tfather.net/index.php?me########
- http://do###father.net/index.php?me########
- http://qu####ontrol.net/index.php?me########
- http://se####control.net/index.php?me########
- http://ag####tbuilt.net/index.php?me########
- http://do###built.net/index.php?me########
- http://ag####tapple.net/index.php?me########
- http://do###apple.net/index.php?me########
- http://se####together.net/index.php?me########
- http://br####ontrol.net/index.php?me########
- http://qu###matter.net/index.php?me########
- http://br####ogether.net/index.php?me########
- http://fl####ontrol.net/index.php?me########
- http://se###nspent.net/index.php?me########
- http://qu####ogether.net/index.php?me########
- http://se####matter.net/index.php?me########
- http://qu###spent.net/index.php?me########
- http://ca####nfather.net/index.php?me########
- http://la###apple.net/index.php?me########
- http://de###ecarry.net/index.php?me########
- http://la###father.net/index.php?me########
- http://ca####nbuilt.net/index.php?me########
- http://la###carry.net/index.php?me########
- http://ca####napple.net/index.php?me########
- http://la###built.net/index.php?me########
- http://ni###carry.net/index.php?me########
- http://ni###father.net/index.php?me########
- http://de####father.net/index.php?me########
- http://ag####tcarry.net/index.php?me########
- http://do###carry.net/index.php?me########
- http://ni###built.net/index.php?me########
- http://de###ebuilt.net/index.php?me########
- http://ni###apple.net/index.php?me########
- http://de###eapple.net/index.php?me########
- http://fl####ogether.net/index.php?me########
- http://el#####ctogether.net/index.php?me########
- http://re####control.net/index.php?me########
- http://el####icspent.net/index.php?me########
- http://re####together.net/index.php?me########
- http://tr###matter.net/index.php?me########
- http://st###tspent.net/index.php?me########
- http://el####iccontrol.net/index.php?me########
- http://st####matter.net/index.php?me########
- http://re###dspent.net/index.php?me########
- http://la####ogether.net/index.php?me########
- http://ca####ntogether.net/index.php?me########
- http://la###spent.net/index.php?me########
- http://ca####nspent.net/index.php?me########
- http://re####matter.net/index.php?me########
- http://el####icmatter.net/index.php?me########
- http://la####ontrol.net/index.php?me########
- http://ca####ncontrol.net/index.php?me########
- http://be####control.net/index.php?me########
- http://ga####control.net/index.php?me########
- http://be####together.net/index.php?me########
- http://ga####together.net/index.php?me########
- http://fl###spent.net/index.php?me########
- http://br###spent.net/index.php?me########
- http://fl###matter.net/index.php?me########
- http://br###matter.net/index.php?me########
- http://ga###rspent.net/index.php?me########
- http://tr####ogether.net/index.php?me########
- http://st####control.net/index.php?me########
- http://tr###spent.net/index.php?me########
- http://st####together.net/index.php?me########
- http://ga####matter.net/index.php?me########
- http://be###rspent.net/index.php?me########
- http://tr####ontrol.net/index.php?me########
- http://be####matter.net/index.php?me########
- DNS ASK ag####tfather.net
- DNS ASK do###father.net
- DNS ASK qu####ontrol.net
- DNS ASK se####control.net
- DNS ASK ag####tbuilt.net
- DNS ASK do###built.net
- DNS ASK ag####tapple.net
- DNS ASK do###apple.net
- DNS ASK se####together.net
- DNS ASK br####ontrol.net
- DNS ASK qu###matter.net
- DNS ASK br####ogether.net
- DNS ASK fl####ontrol.net
- DNS ASK se###nspent.net
- DNS ASK qu####ogether.net
- DNS ASK se####matter.net
- DNS ASK qu###spent.net
- DNS ASK ca####nfather.net
- DNS ASK la###apple.net
- DNS ASK de###ecarry.net
- DNS ASK la###father.net
- DNS ASK ca####nbuilt.net
- DNS ASK la###carry.net
- DNS ASK ca####napple.net
- DNS ASK la###built.net
- DNS ASK ni###carry.net
- DNS ASK ni###father.net
- DNS ASK de####father.net
- DNS ASK ag####tcarry.net
- DNS ASK do###carry.net
- DNS ASK ni###built.net
- DNS ASK de###ebuilt.net
- DNS ASK ni###apple.net
- DNS ASK de###eapple.net
- DNS ASK fl####ogether.net
- DNS ASK el#####ctogether.net
- DNS ASK re####control.net
- DNS ASK el####icspent.net
- DNS ASK re####together.net
- DNS ASK tr###matter.net
- DNS ASK st###tspent.net
- DNS ASK el####iccontrol.net
- DNS ASK st####matter.net
- DNS ASK re###dspent.net
- DNS ASK la####ogether.net
- DNS ASK ca####ntogether.net
- DNS ASK la###spent.net
- DNS ASK ca####nspent.net
- DNS ASK re####matter.net
- DNS ASK el####icmatter.net
- DNS ASK la####ontrol.net
- DNS ASK ca####ncontrol.net
- DNS ASK be####control.net
- DNS ASK ga####control.net
- DNS ASK be####together.net
- DNS ASK ga####together.net
- DNS ASK fl###spent.net
- DNS ASK br###spent.net
- DNS ASK fl###matter.net
- DNS ASK br###matter.net
- DNS ASK ga###rspent.net
- DNS ASK tr####ogether.net
- DNS ASK st####control.net
- DNS ASK tr###spent.net
- DNS ASK st####together.net
- DNS ASK ga####matter.net
- DNS ASK be###rspent.net
- DNS ASK tr####ontrol.net
- DNS ASK be####matter.net
- ClassName: 'Shell_TrayWnd' WindowName: ''