Техническая информация
- Центр обеспечения безопасности (Security Center)
- '%TEMP%\patxfpqi3ngnypyh.exe' -r 44121 tcp
- <SYSTEM32>\3leu\run
- <SYSTEM32>\3leu\cfg
- %TEMP%\patxfpqi3ngnypyh.exe
- <SYSTEM32>\3leu\tst
- <SYSTEM32>\3leu\etc
- <SYSTEM32>\3leu\rng
- %TEMP%\patxfpqi3ngnypyh.exe
- <DRIVERS>\etc\hosts
- 'go#####everytime.com':80
- 'ja###uter.com':80
- 'sp###aguga.net':80
- 'en#####paintshop.com':80
- 'sp###aguga.com':80
- 'el#####arimagine.com':80
- 'ji####herenow.com':80
- http://go#####everytime.com/forum/search.php?me########################################
- http://ja###uter.com/forum/search.php?me########################################
- http://sp###aguga.net/forum/search.php?me########################################
- http://en#####paintshop.com/forum/search.php?me########################################
- http://sp###aguga.com/forum/search.php?me########################################
- http://el#####arimagine.com/forum/search.php?me########################################
- http://ji####herenow.com/forum/search.php?me########################################
- DNS ASK go#####everytime.com
- DNS ASK en#####paintshop.com
- DNS ASK sp###aguga.net
- DNS ASK ja###uter.com
- DNS ASK sp###aguga.com
- DNS ASK el#####arimagine.com
- DNS ASK ji####herenow.com
- '23#.#55.255.250':1900