Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Service ActiveX Block User Registrar Base' = '%APPDATA%\cfpyghekrowcwmh\fekklkiqejj.exe'
- '%APPDATA%\cfpyghekrowcwmh\agfnycorahsp.exe' "%APPDATA%\cfpyghekrowcwmh\fekklkiqejj.exe"
- '%APPDATA%\cfpyghekrowcwmh\fekklkiqejj.exe'
- %APPDATA%\cfpyghekrowcwmh\fekklkiqejj.xr
- %APPDATA%\cfpyghekrowcwmh\agfnycorahsp.exe
- %APPDATA%\cfpyghekrowcwmh\fekklkiqejj.exe
- %APPDATA%\cfpyghekrowcwmh\agfnycorahsp.exe
- %APPDATA%\cfpyghekrowcwmh\fekklkiqejj.exe
- 'pl####ntproud.net':80
- pl####ntproud.net/forum/search.php?em###############################
- DNS ASK re####eproud.net
- DNS ASK or###proud.net
- DNS ASK re####earound.net
- DNS ASK le####welcome.net
- DNS ASK re####ecomplete.net
- DNS ASK or####omplete.net
- DNS ASK or###around.net
- DNS ASK pl#####tcomplete.net
- DNS ASK ne####aryproud.net
- DNS ASK pl####ntproud.net
- DNS ASK re####ewelcome.net
- DNS ASK or####elcome.net
- DNS ASK ne#####rycomplete.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'