Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Workstation System Search' = '<LS_APPDATA>\glnhpjck\lhohyecn.exe'
- <LS_APPDATA>\glnhpjck\xnascipfy.exe "<LS_APPDATA>\glnhpjck\lhohyecn.exe"
- <LS_APPDATA>\glnhpjck\lhohyecn.exe
- <LS_APPDATA>\glnhpjck\lhohyecn.tye
- <LS_APPDATA>\glnhpjck\xnascipfy.exe
- <LS_APPDATA>\glnhpjck\lhohyecn.exe
- <LS_APPDATA>\glnhpjck\xnascipfy.exe
- <LS_APPDATA>\glnhpjck\lhohyecn.exe
- 'ge###ebuilt.net':80
- 'he###carry.net':80
- 'he###built.net':80
- 'le###rcarry.net':80
- 'ge###eapple.net':80
- ge###ebuilt.net/forum/search.php?em########################################
- he###carry.net/forum/search.php?em########################################
- he###built.net/forum/search.php?em########################################
- le###rcarry.net/forum/search.php?em########################################
- ge###eapple.net/forum/search.php?em########################################
- DNS ASK ge###ebuilt.net
- DNS ASK he###built.net
- DNS ASK he###carry.net
- DNS ASK va####sfather.net
- DNS ASK ge###ecarry.net
- DNS ASK ge###eapple.net
- DNS ASK he###ncarry.net
- DNS ASK le###rcarry.net
- DNS ASK he###father.net
- DNS ASK he###apple.net
- DNS ASK ge####father.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''