Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Redirector Engine Plug Peer Service' = 'C:\gznohmq\fayoahhpqf.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Registry Problem Block Center AutoConfig Scheduler] 'ImagePath' = 'C:\gznohmq\fayoahhpqf.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Registry Problem Block Center AutoConfig Scheduler] 'Start' = '00000002'
- 'C:\gznohmq\byueskjah.exe' "c:\gznohmq\fayoahhpqf.exe"
- 'C:\gznohmq\fayoahhpqf.exe'
- 'C:\gznohmq\atz62zn0cpkjlikn.exe'
- C:\gznohmq\fayoahhpqf.exe
- C:\gznohmq\byueskjah.exe
- C:\gznohmq\atz62zn0cpkjlikn.exe
- %WINDIR%\gznohmq\zerltdf
- C:\gznohmq\zerltdf
- C:\gznohmq\byueskjah.exe
- C:\gznohmq\fayoahhpqf.exe
- C:\gznohmq\atz62zn0cpkjlikn.exe
- %WINDIR%\gznohmq\zerltdf
- 'le###escape.net':80
- 'fi####animal.net':80
- 'su####tmodern.net':80
- 'fi####escape.net':80
- 'le###animal.net':80
- 'fi####modern.net':80
- 'le###modern.net':80
- 'fi####problem.net':80
- 'le####roblem.net':80
- 'pe####sproblem.net':80
- 'wi####problem.net':80
- 'pe####sanimal.net':80
- 'wi####animal.net':80
- 'pe####smodern.net':80
- 'su####tanimal.net':80
- 'su####tproblem.net':80
- 'wi####modern.net':80
- 'su####tescape.net':80
- 'ma####alanimal.net':80
- 'se####lproblem.net':80
- 'ma####alescape.net':80
- 'se####lanimal.net':80
- 'ma####alproblem.net':80
- 'se####silver.net':80
- 'la###silver.net':80
- 'se####lmodern.net':80
- 'ma####almodern.net':80
- 'sw###animal.net':80
- 'pr####lyanimal.net':80
- 'sw###escape.net':80
- 'pr####lyescape.net':80
- 'sw####roblem.net':80
- 'pr####lymodern.net':80
- 'se####lescape.net':80
- 'pr####lyproblem.net':80
- 'sw###modern.net':80
- 'wi####escape.net':80
- 'se####escape.net':80
- 'la###escape.net':80
- 'se####lfortieth.net':80
- 'ma#####lfortieth.net':80
- 'se####animal.net':80
- 'la####roblem.net':80
- 'se####modern.net':80
- 'la###animal.net':80
- 'se####problem.net':80
- 'pr#####yfortieth.net':80
- 'se####ladvance.net':80
- 'pr####lygoodbye.net':80
- 'sw####ortieth.net':80
- 'ma####aladvance.net':80
- 'se####lgoodbye.net':80
- 'ma####algoodbye.net':80
- 'se####lstranger.net':80
- 'ma#####lstranger.net':80
- 'mo####inanimal.net':80
- 'po####leanimal.net':80
- 'mo####inescape.net':80
- 'po####leescape.net':80
- 'mo####inproblem.net':80
- 'po####lemodern.net':80
- 'pe####sescape.net':80
- 'po####leproblem.net':80
- 'mo####inmodern.net':80
- 'mo####escape.net':80
- 'si####animal.net':80
- 'la###modern.net':80
- 'si####escape.net':80
- 'mo####animal.net':80
- 'si####modern.net':80
- 'mo####modern.net':80
- 'si####problem.net':80
- 'mo####problem.net':80
- http://le###escape.net/index.php
- http://fi####animal.net/index.php
- http://su####tmodern.net/index.php
- http://fi####escape.net/index.php
- http://le###animal.net/index.php
- http://fi####modern.net/index.php
- http://le###modern.net/index.php
- http://fi####problem.net/index.php
- http://le####roblem.net/index.php
- http://pe####sproblem.net/index.php
- http://wi####problem.net/index.php
- http://pe####sanimal.net/index.php
- http://wi####animal.net/index.php
- http://pe####smodern.net/index.php
- http://su####tanimal.net/index.php
- http://su####tproblem.net/index.php
- http://wi####modern.net/index.php
- http://su####tescape.net/index.php
- http://ma####alanimal.net/index.php
- http://se####lproblem.net/index.php
- http://ma####alescape.net/index.php
- http://se####lanimal.net/index.php
- http://ma####alproblem.net/index.php
- http://se####silver.net/index.php
- http://la###silver.net/index.php
- http://se####lmodern.net/index.php
- http://ma####almodern.net/index.php
- http://sw###animal.net/index.php
- http://pr####lyanimal.net/index.php
- http://sw###escape.net/index.php
- http://pr####lyescape.net/index.php
- http://sw####roblem.net/index.php
- http://pr####lymodern.net/index.php
- http://se####lescape.net/index.php
- http://pr####lyproblem.net/index.php
- http://sw###modern.net/index.php
- http://wi####escape.net/index.php
- http://se####escape.net/index.php
- http://la###escape.net/index.php
- http://se####lfortieth.net/index.php
- http://ma#####lfortieth.net/index.php
- http://se####animal.net/index.php
- http://la####roblem.net/index.php
- http://se####modern.net/index.php
- http://la###animal.net/index.php
- http://se####problem.net/index.php
- http://pr#####yfortieth.net/index.php
- http://se####ladvance.net/index.php
- http://pr####lygoodbye.net/index.php
- http://sw####ortieth.net/index.php
- http://ma####aladvance.net/index.php
- http://se####lgoodbye.net/index.php
- http://ma####algoodbye.net/index.php
- http://se####lstranger.net/index.php
- http://ma#####lstranger.net/index.php
- http://mo####inanimal.net/index.php
- http://po####leanimal.net/index.php
- http://mo####inescape.net/index.php
- http://po####leescape.net/index.php
- http://mo####inproblem.net/index.php
- http://po####lemodern.net/index.php
- http://pe####sescape.net/index.php
- http://po####leproblem.net/index.php
- http://mo####inmodern.net/index.php
- http://mo####escape.net/index.php
- http://si####animal.net/index.php
- http://la###modern.net/index.php
- http://si####escape.net/index.php
- http://mo####animal.net/index.php
- http://si####modern.net/index.php
- http://mo####modern.net/index.php
- http://si####problem.net/index.php
- http://mo####problem.net/index.php
- DNS ASK le###escape.net
- DNS ASK fi####animal.net
- DNS ASK su####tmodern.net
- DNS ASK fi####escape.net
- DNS ASK le###animal.net
- DNS ASK fi####modern.net
- DNS ASK le###modern.net
- DNS ASK fi####problem.net
- DNS ASK le####roblem.net
- DNS ASK pe####sproblem.net
- DNS ASK wi####problem.net
- DNS ASK pe####sanimal.net
- DNS ASK wi####animal.net
- DNS ASK pe####smodern.net
- DNS ASK su####tanimal.net
- DNS ASK su####tproblem.net
- DNS ASK wi####modern.net
- DNS ASK su####tescape.net
- DNS ASK sw###escape.net
- DNS ASK se####lproblem.net
- DNS ASK ma####alproblem.net
- DNS ASK se####lanimal.net
- DNS ASK ma####alanimal.net
- DNS ASK se####lmodern.net
- DNS ASK la###silver.net
- DNS ASK se####sister.net
- DNS ASK ma####almodern.net
- DNS ASK se####silver.net
- DNS ASK pr####lyanimal.net
- DNS ASK sw####roblem.net
- DNS ASK pr####lyescape.net
- DNS ASK sw###animal.net
- DNS ASK pr####lyproblem.net
- DNS ASK se####lescape.net
- DNS ASK ma####alescape.net
- DNS ASK sw###modern.net
- DNS ASK pr####lymodern.net
- DNS ASK se####escape.net
- DNS ASK la###escape.net
- DNS ASK se####lfortieth.net
- DNS ASK ma#####lfortieth.net
- DNS ASK se####animal.net
- DNS ASK la####roblem.net
- DNS ASK se####modern.net
- DNS ASK la###animal.net
- DNS ASK se####problem.net
- DNS ASK pr#####yfortieth.net
- DNS ASK se####ladvance.net
- DNS ASK pr####lygoodbye.net
- DNS ASK sw####ortieth.net
- DNS ASK ma####aladvance.net
- DNS ASK se####lgoodbye.net
- DNS ASK ma####algoodbye.net
- DNS ASK se####lstranger.net
- DNS ASK ma#####lstranger.net
- DNS ASK la###modern.net
- DNS ASK po####leanimal.net
- DNS ASK mo####inproblem.net
- DNS ASK po####leescape.net
- DNS ASK mo####inanimal.net
- DNS ASK po####leproblem.net
- DNS ASK pe####sescape.net
- DNS ASK wi####escape.net
- DNS ASK mo####inmodern.net
- DNS ASK po####lemodern.net
- DNS ASK si####animal.net
- DNS ASK mo####animal.net
- DNS ASK si####escape.net
- DNS ASK mo####escape.net
- DNS ASK si####problem.net
- DNS ASK mo####modern.net
- DNS ASK mo####inescape.net
- DNS ASK mo####problem.net
- DNS ASK si####modern.net
- ClassName: 'Shell_TrayWnd' WindowName: ''