Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Service Tunneling Authentication Endpoint' = '<LS_APPDATA>\ttucsrwjfwhopf\qnzyitxbiep.exe'
- '<LS_APPDATA>\ttucsrwjfwhopf\gblegwqrjjf.exe' "<LS_APPDATA>\ttucsrwjfwhopf\qnzyitxbiep.exe"
- '<LS_APPDATA>\ttucsrwjfwhopf\qnzyitxbiep.exe'
- <LS_APPDATA>\ttucsrwjfwhopf\qnzyitxbiep.yhyyl
- <LS_APPDATA>\ttucsrwjfwhopf\gblegwqrjjf.exe
- <LS_APPDATA>\ttucsrwjfwhopf\qnzyitxbiep.exe
- <LS_APPDATA>\ttucsrwjfwhopf\gblegwqrjjf.exe
- <LS_APPDATA>\ttucsrwjfwhopf\qnzyitxbiep.exe
- 'la###escape.net':80
- la###escape.net/forum/search.php?em####################################
- DNS ASK si####animal.net
- DNS ASK mo####escape.net
- DNS ASK si####escape.net
- DNS ASK mo####problem.net
- DNS ASK si####problem.net
- DNS ASK mo####animal.net
- DNS ASK la###modern.net
- DNS ASK la###animal.net
- DNS ASK se####animal.net
- DNS ASK la###escape.net
- DNS ASK se####modern.net
- DNS ASK la####roblem.net
- DNS ASK se####problem.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''