Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Event Connections WWAN Locator' = 'C:\mtqhgfz\pfusiwky.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Socket Registrar Play Computer Registry] 'ImagePath' = 'C:\mtqhgfz\pfusiwky.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Socket Registrar Play Computer Registry] 'Start' = '00000002'
- 'C:\mtqhgfz\vonetmxn.exe' "c:\mtqhgfz\pfusiwky.exe"
- 'C:\mtqhgfz\pfusiwky.exe'
- 'C:\mtqhgfz\wr0sj2vuaxxtfbltiqfqjx.exe'
- C:\mtqhgfz\pfusiwky.exe
- C:\mtqhgfz\vonetmxn.exe
- C:\mtqhgfz\rxtcjhyrsnz
- %WINDIR%\mtqhgfz\iqpxtdtm
- C:\mtqhgfz\iqpxtdtm
- C:\mtqhgfz\wr0sj2vuaxxtfbltiqfqjx.exe
- C:\mtqhgfz\vonetmxn.exe
- C:\mtqhgfz\pfusiwky.exe
- C:\mtqhgfz\wr0sj2vuaxxtfbltiqfqjx.exe
- %WINDIR%\mtqhgfz\iqpxtdtm
- %WINDIR%\mtqhgfz\iqpxtdtm
- 'de####escape.net':80
- 'pr####eanimal.net':80
- 'pr####eescape.net':80
- 'br####modern.net':80
- 're####modern.net':80
- http://de####escape.net/index.php
- http://pr####eanimal.net/index.php
- http://pr####eescape.net/index.php
- http://br####modern.net/index.php
- http://re####modern.net/index.php
- DNS ASK de####escape.net
- DNS ASK pr####eanimal.net
- DNS ASK de####animal.net
- DNS ASK br####modern.net
- DNS ASK re####modern.net
- DNS ASK pr####eescape.net
- ClassName: 'Shell_TrayWnd' WindowName: ''