Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Protocol Problem Isolation Gateway Counter' = 'C:\lzingtkrufeechz\ostnybmja.exe' (autorun entry: a value under the HKLM Run key is launched at every user logon)
- [<HKLM>\SYSTEM\ControlSet001\Services\Internet Launcher Interactive System Agent] 'Start' = '00000002' (service start type 2 = started automatically at boot)
- 'C:\lzingtkrufeechz\hlohcrgfschb.exe' "c:\lzingtkrufeechz\ostnybmja.exe"
- 'C:\lzingtkrufeechz\ostnybmja.exe'
- 'C:\lzingtkrufeechz\nc2v3dsaiulkvjogdno.exe'
- C:\lzingtkrufeechz\ostnybmja.exe
- C:\lzingtkrufeechz\hlohcrgfschb.exe
- C:\lzingtkrufeechz\nc2v3dsaiulkvjogdno.exe
- %WINDIR%\lzingtkrufeechz\p1jau2iv
- C:\lzingtkrufeechz\p1jau2iv
- C:\lzingtkrufeechz\hlohcrgfschb.exe
- C:\lzingtkrufeechz\ostnybmja.exe
- C:\lzingtkrufeechz\nc2v3dsaiulkvjogdno.exe
- %WINDIR%\lzingtkrufeechz\p1jau2iv
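- 'fa####beyond.net':80 (outbound connection to TCP port 80; the '#' characters appear to be masking applied to the host names in this listing, so the strings are not usable as exact block-list entries. The same 66 hosts recur below as HTTP requests and DNS queries, and they pair a masked prefix with a small set of suffix words — being, beyond, bottom, forever, minute, flower, corner, special — which is consistent with algorithmically generated domains)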
- 'ch####enbeing.net':80
- 'ci####ttebottom.net':80
- 'ch####enbeyond.net':80
- 'fa####forever.net':80
- 'ch####enbottom.net':80
- 'fa###ybeing.net':80
- 'ch####enforever.net':80
- 'ci####ttebeyond.net':80
- 'pi####ebeing.net':80
- 'th####bottom.net':80
- 'pi####ebeyond.net':80
- 'ci#####teforever.net':80
- 'pi####ebottom.net':80
- 'ci####ttebeing.net':80
- 'pi####eforever.net':80
- 'fa####bottom.net':80
- 'ex####minute.net':80
- 'be####eminute.net':80
- 'ex####flower.net':80
- 'be####eflower.net':80
- 'ex####corner.net':80
- 'be####ecorner.net':80
- 'ex####special.net':80
- 'be####especial.net':80
- 'ei###rbeing.net':80
- 'en####hbeing.net':80
- 'ei####beyond.net':80
- 'en####hbeyond.net':80
- 'ei####bottom.net':80
- 'en####hbottom.net':80
- 'ei####forever.net':80
- 'en####hforever.net':80
- 'su####beyond.net':80
- 'fo####nbeyond.net':80
- 'pe####bottom.net':80
- 'ma####ebottom.net':80
- 'su####forever.net':80
- 'fo####nforever.net':80
- 'su###nbeing.net':80
- 'fo####nbeing.net':80
- 'pe####beyond.net':80
- 'ma####ebeyond.net':80
- 'ex####bottom.net':80
- 'be####ebottom.net':80
- 'pe####forever.net':80
- 'ma####eforever.net':80
- 'pe###nbeing.net':80
- 'ma####ebeing.net':80
- 'su####bottom.net':80
- 'th####beyond.net':80
- 'fi###ebeing.net':80
- 'ri###bottom.net':80
- 'fi####beyond.net':80
- 'th####forever.net':80
- 'fi####bottom.net':80
- 'th###hbeing.net':80
- 'fi####forever.net':80
- 'ri###beyond.net':80
- 'wh####rbeing.net':80
- 'fo####nbottom.net':80
- 'wh####rbeyond.net':80
- 'ri####orever.net':80
- 'wh####rbottom.net':80
- 'ri###being.net':80
- 'wh####rforever.net':80
- http://fa####beyond.net/index.php (HTTP request to /index.php on the host; the request method is not shown in this listing)
- http://ch####enbeing.net/index.php
- http://ci####ttebottom.net/index.php
- http://ch####enbeyond.net/index.php
- http://fa####forever.net/index.php
- http://ch####enbottom.net/index.php
- http://fa###ybeing.net/index.php
- http://ch####enforever.net/index.php
- http://ci####ttebeyond.net/index.php
- http://pi####ebeing.net/index.php
- http://th####bottom.net/index.php
- http://pi####ebeyond.net/index.php
- http://ci#####teforever.net/index.php
- http://pi####ebottom.net/index.php
- http://ci####ttebeing.net/index.php
- http://pi####eforever.net/index.php
- http://fa####bottom.net/index.php
- http://ex####minute.net/index.php
- http://be####eminute.net/index.php
- http://ex####flower.net/index.php
- http://be####eflower.net/index.php
- http://ex####corner.net/index.php
- http://be####ecorner.net/index.php
- http://ex####special.net/index.php
- http://be####especial.net/index.php
- http://ei###rbeing.net/index.php
- http://en####hbeing.net/index.php
- http://ei####beyond.net/index.php
- http://en####hbeyond.net/index.php
- http://ei####bottom.net/index.php
- http://en####hbottom.net/index.php
- http://ei####forever.net/index.php
- http://en####hforever.net/index.php
- http://su####beyond.net/index.php
- http://fo####nbeyond.net/index.php
- http://pe####bottom.net/index.php
- http://ma####ebottom.net/index.php
- http://su####forever.net/index.php
- http://fo####nforever.net/index.php
- http://su###nbeing.net/index.php
- http://fo####nbeing.net/index.php
- http://pe####beyond.net/index.php
- http://ma####ebeyond.net/index.php
- http://ex####bottom.net/index.php
- http://be####ebottom.net/index.php
- http://pe####forever.net/index.php
- http://ma####eforever.net/index.php
- http://pe###nbeing.net/index.php
- http://ma####ebeing.net/index.php
- http://su####bottom.net/index.php
- http://th####beyond.net/index.php
- http://fi###ebeing.net/index.php
- http://ri###bottom.net/index.php
- http://fi####beyond.net/index.php
- http://th####forever.net/index.php
- http://fi####bottom.net/index.php
- http://th###hbeing.net/index.php
- http://fi####forever.net/index.php
- http://ri###beyond.net/index.php
- http://wh####rbeing.net/index.php
- http://fo####nbottom.net/index.php
- http://wh####rbeyond.net/index.php
- http://ri####orever.net/index.php
- http://wh####rbottom.net/index.php
- http://ri###being.net/index.php
- http://wh####rforever.net/index.php
- DNS ASK fa####beyond.net (DNS query for the host name)
- DNS ASK ch####enbeing.net
- DNS ASK ci####ttebottom.net
- DNS ASK ch####enbeyond.net
- DNS ASK fa####forever.net
- DNS ASK ch####enbottom.net
- DNS ASK fa###ybeing.net
- DNS ASK ch####enforever.net
- DNS ASK ci####ttebeyond.net
- DNS ASK pi####ebeing.net
- DNS ASK th####bottom.net
- DNS ASK pi####ebeyond.net
- DNS ASK ci#####teforever.net
- DNS ASK pi####ebottom.net
- DNS ASK ci####ttebeing.net
- DNS ASK pi####eforever.net
- DNS ASK fa####bottom.net
- DNS ASK ex####minute.net
- DNS ASK be####eminute.net
- DNS ASK ex####flower.net
- DNS ASK be####eflower.net
- DNS ASK ex####corner.net
- DNS ASK be####ecorner.net
- DNS ASK ex####special.net
- DNS ASK be####especial.net
- DNS ASK ei###rbeing.net
- DNS ASK en####hbeing.net
- DNS ASK ei####beyond.net
- DNS ASK en####hbeyond.net
- DNS ASK ei####bottom.net
- DNS ASK en####hbottom.net
- DNS ASK ei####forever.net
- DNS ASK en####hforever.net
- DNS ASK su####beyond.net
- DNS ASK fo####nbeyond.net
- DNS ASK pe####bottom.net
- DNS ASK ma####ebottom.net
- DNS ASK su####forever.net
- DNS ASK fo####nforever.net
- DNS ASK su###nbeing.net
- DNS ASK fo####nbeing.net
- DNS ASK pe####beyond.net
- DNS ASK ma####ebeyond.net
- DNS ASK ex####bottom.net
- DNS ASK be####ebottom.net
- DNS ASK pe####forever.net
- DNS ASK ma####eforever.net
- DNS ASK pe###nbeing.net
- DNS ASK ma####ebeing.net
- DNS ASK su####bottom.net
- DNS ASK th####beyond.net
- DNS ASK fi###ebeing.net
- DNS ASK ri###bottom.net
- DNS ASK fi####beyond.net
- DNS ASK th####forever.net
- DNS ASK fi####bottom.net
- DNS ASK th###hbeing.net
- DNS ASK fi####forever.net
- DNS ASK ri###beyond.net
- DNS ASK wh####rbeing.net
- DNS ASK fo####nbottom.net
- DNS ASK wh####rbeyond.net
- DNS ASK ri####orever.net
- DNS ASK wh####rbottom.net
- DNS ASK ri###being.net
- DNS ASK wh####rforever.net
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd is the window class of the Windows taskbar)