Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Portable Grouping Reporting Tools Resolution IP' = '<LS_APPDATA>\xruitgrerdmvg\kmhedclki.exe'
- '<LS_APPDATA>\xruitgrerdmvg\mpgzuwslshoj.exe' "<LS_APPDATA>\xruitgrerdmvg\kmhedclki.exe"
- '<LS_APPDATA>\xruitgrerdmvg\kmhedclki.exe'
- <LS_APPDATA>\xruitgrerdmvg\kmhedclki.hkdvj
- <LS_APPDATA>\xruitgrerdmvg\mpgzuwslshoj.exe
- <LS_APPDATA>\xruitgrerdmvg\kmhedclki.exe
- <LS_APPDATA>\xruitgrerdmvg\mpgzuwslshoj.exe
- <LS_APPDATA>\xruitgrerdmvg\kmhedclki.exe
- 'cl####ontinue.net':80
- 'th####ontinue.net':80
- 'we####rdiscover.net':80
- cl####ontinue.net/forum/search.php?em#################################
- th####ontinue.net/forum/search.php?em#################################
- we####rdiscover.net/forum/search.php?em#################################
- DNS ASK cl####iscover.net
- DNS ASK th####iscover.net
- DNS ASK cl###wonder.net
- DNS ASK th###became.net
- DNS ASK pr####tindustry.net
- DNS ASK th####ndustry.net
- DNS ASK cl####ontinue.net
- DNS ASK th####ontinue.net
- DNS ASK we####rdiscover.net
- DNS ASK th###wonder.net
- DNS ASK cl###master.net
- DNS ASK th###master.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''