Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Logs Microsoft Peer Play AutoConnect' = '%APPDATA%\attpazgealjfk\tgqclff.exe'
- '%APPDATA%\attpazgealjfk\dcpursty.exe' "%APPDATA%\attpazgealjfk\tgqclff.exe"
- '%APPDATA%\attpazgealjfk\tgqclff.exe'
- %APPDATA%\attpazgealjfk\tgqclff.cg4lj
- %APPDATA%\attpazgealjfk\dcpursty.exe
- %APPDATA%\attpazgealjfk\tgqclff.exe
- %APPDATA%\attpazgealjfk\dcpursty.exe
- %APPDATA%\attpazgealjfk\tgqclff.exe
- 'tw###eready.net':80
- 'mi###ebrown.net':80
- 'of###ready.net':80
- 'al###ready.net':80
- tw###eready.net/forum/search.php?em#######################################
- mi###ebrown.net/forum/search.php?em#######################################
- of###ready.net/forum/search.php?em#######################################
- al###ready.net/forum/search.php?em#######################################
- DNS ASK tw###eready.net
- DNS ASK mi###eready.net
- DNS ASK al####aughter.net
- DNS ASK mi####people.net
- DNS ASK tw###ebrown.net
- DNS ASK mi###ebrown.net
- DNS ASK of####aughter.net
- DNS ASK of###brown.net
- DNS ASK al###ready.net
- DNS ASK of###ready.net
- DNS ASK al###people.net
- DNS ASK of###people.net
- DNS ASK al###brown.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'