Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Launcher Cryptographic Keying' = '<LS_APPDATA>\prztoesvwykk\gsfpnsmbjmbv.exe'
- <LS_APPDATA>\prztoesvwykk\lbqbdcnkxv.exe "<LS_APPDATA>\prztoesvwykk\gsfpnsmbjmbv.exe"
- <LS_APPDATA>\prztoesvwykk\gsfpnsmbjmbv.exe
- <LS_APPDATA>\prztoesvwykk\gsfpnsmbjmbv.soi4
- <LS_APPDATA>\prztoesvwykk\lbqbdcnkxv.exe
- <LS_APPDATA>\prztoesvwykk\gsfpnsmbjmbv.exe
- <LS_APPDATA>\prztoesvwykk\lbqbdcnkxv.exe
- <LS_APPDATA>\prztoesvwykk\gsfpnsmbjmbv.exe
- 'ch####enproud.net':80
- ch####enproud.net/forum/search.php?em##########################################
- DNS ASK en####hproud.net
- DNS ASK ei###rproud.net
- DNS ASK en####haround.net
- DNS ASK ex####nature.net
- DNS ASK en####hcomplete.net
- DNS ASK ei####complete.net
- DNS ASK ei####around.net
- DNS ASK ch#####ncomplete.net
- DNS ASK fa###yproud.net
- DNS ASK ch####enproud.net
- DNS ASK en####hwelcome.net
- DNS ASK ei####welcome.net
- DNS ASK fa####complete.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''