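Technical Information
Reading note: the section labels of this list are missing. In order, the entries appear to be a registry autorun (Run key) value, command lines of launched processes, file-system paths, host:port connections, HTTP request URLs, DNS queries, and window class names. The list does not show which file paths were created and which were removed, and several paths are listed twice. The '#' characters in host names and URLs appear to be masking applied by the report, and a trailing '...' marks a truncated value. Most paths are components of the Epic Privacy Browser updater, whereas explorer.exe, dllhost.bat and dllhost.vbs under %TEMP%\RarSFX0 reuse the names of Windows components from a temporary directory and should be checked separately.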
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Epic Privacy Browser Update' = '"<LS_APPDATA>\Epic Privacy Browser\Update\EpicUpdate.exe" /c'
- '<LS_APPDATA>\Epic Privacy Browser\Update\EpicUpdate.exe' /handoff "appguid={A3AA2AD6-C357-4BB3-9625-6550647D956D}&appname=Epic&needsadmin=False&lang=en" /installsource taggedmi /sessionid "{CA67F0D6-9D3E-4DD2-AF0C-682577522009}"
- '<LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\EpicCrashHandler.exe' /crashhandler
- '<LS_APPDATA>\Epic Privacy Browser\Update\EpicUpdate.exe' /ua /installsource core
- '<LS_APPDATA>\Epic Privacy Browser\Update\EpicUpdate.exe' -Embedding
- '<LS_APPDATA>\Epic Privacy Browser\Update\EpicUpdate.exe' /uninstall
- '<LS_APPDATA>\Epic Privacy Browser\Update\EpicUpdate.exe' /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB2ZXJzaW9uPSIxLjMuMjcuMTMiIGlzbWFjaGluZT0iMCIgc2Vzc2lvbmlkPSJ7Q0E2N0YwRDYtOUQzRS00REQyLUFGMEMtNjgyNTc3NTI...
- '%TEMP%\GUM1.tmp\EpicUpdate.exe' /installsource taggedmi /install "appguid={A3AA2AD6-C357-4BB3-9625-6550647D956D}&appname=Epic&needsadmin=False&lang=en"
- '%TEMP%\RarSFX0\EpicSetup.exe'
- '<LS_APPDATA>\Epic Privacy Browser\Update\EpicUpdate.exe' /regserver
- '<LS_APPDATA>\Epic Privacy Browser\Update\EpicUpdate.exe' /cr
- '<LS_APPDATA>\Epic Privacy Browser\Update\EpicUpdate.exe' /c
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_fr.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_fil.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_hi.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_gu.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_et.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_es-419.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_fi.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_fa.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_hr.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_ja.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_iw.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_ko.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_kn.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_id.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_hu.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_it.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_is.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_am.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\EpicCrashHandler.exe
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_bg.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_ar.dll
- %ALLUSERSPROFILE%\Application Data\Epic Privacy Browser\Update\Log\EpicUpdate.log
- %TEMP%\GUM1.tmp\goopdateres_zh-TW.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdate.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\EpicUpdate.exe
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_bn.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_en.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_el.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_es.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_en-GB.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_cs.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_ca.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_de.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_da.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_ur.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_uk.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_zh-CN.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_vi.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_te.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_ta.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_tr.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_th.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_zh-TW.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\EpicUpdateBroker.exe
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\npEpicUpdate3.dll
- %TEMP%\GUR3.exe
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\EpicUpdateOnDemand.exe
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\psuser.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\EpicUpdateHelper.msi
- <LS_APPDATA>\Epic Privacy Browser\Update\EpicUpdate.exe
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\psmachine.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_nl.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_ms.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_pl.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_no.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_lv.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_lt.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_mr.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_ml.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_pt-BR.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_sr.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_sl.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_sw.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_sv.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_ro.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_pt-PT.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_sk.dll
- <LS_APPDATA>\Epic Privacy Browser\Update\1.3.27.13\goopdateres_ru.dll
- %TEMP%\GUM1.tmp\goopdateres_el.dll
- %TEMP%\GUM1.tmp\goopdateres_de.dll
- %TEMP%\GUM1.tmp\goopdateres_en-GB.dll
- %TEMP%\GUM1.tmp\goopdateres_en.dll
- %TEMP%\GUM1.tmp\goopdateres_ca.dll
- %TEMP%\GUM1.tmp\goopdateres_bn.dll
- %TEMP%\GUM1.tmp\goopdateres_da.dll
- %TEMP%\GUM1.tmp\goopdateres_cs.dll
- %TEMP%\GUM1.tmp\goopdateres_es.dll
- %TEMP%\GUM1.tmp\goopdateres_fr.dll
- %TEMP%\GUM1.tmp\goopdateres_fil.dll
- %TEMP%\GUM1.tmp\goopdateres_hi.dll
- %TEMP%\GUM1.tmp\goopdateres_gu.dll
- %TEMP%\GUM1.tmp\goopdateres_et.dll
- %TEMP%\GUM1.tmp\goopdateres_es-419.dll
- %TEMP%\GUM1.tmp\goopdateres_fi.dll
- %TEMP%\GUM1.tmp\goopdateres_fa.dll
- %TEMP%\GUM1.tmp\EpicUpdate.exe
- %TEMP%\GUT2.tmp
- %TEMP%\GUM1.tmp\goopdate.dll
- %TEMP%\GUM1.tmp\EpicCrashHandler.exe
- %TEMP%\RarSFX0\dllhost.bat
- %TEMP%\RarSFX0\EpicSetup.exe
- %TEMP%\RarSFX0\explorer.exe
- %TEMP%\RarSFX0\dllhost.vbs
- %TEMP%\GUM1.tmp\npEpicUpdate3.dll
- %TEMP%\GUM1.tmp\goopdateres_am.dll
- %TEMP%\GUM1.tmp\psuser.dll
- %TEMP%\GUM1.tmp\goopdateres_bg.dll
- %TEMP%\GUM1.tmp\goopdateres_ar.dll
- %TEMP%\GUM1.tmp\EpicUpdateBroker.exe
- %TEMP%\GUM1.tmp\EpicUpdateHelper.msi
- %TEMP%\GUM1.tmp\psmachine.dll
- %TEMP%\GUM1.tmp\EpicUpdateOnDemand.exe
- %TEMP%\GUM1.tmp\goopdateres_sl.dll
- %TEMP%\GUM1.tmp\goopdateres_sk.dll
- %TEMP%\GUM1.tmp\goopdateres_sv.dll
- %TEMP%\GUM1.tmp\goopdateres_sr.dll
- %TEMP%\GUM1.tmp\goopdateres_pt-PT.dll
- %TEMP%\GUM1.tmp\goopdateres_pt-BR.dll
- %TEMP%\GUM1.tmp\goopdateres_ru.dll
- %TEMP%\GUM1.tmp\goopdateres_ro.dll
- %TEMP%\GUM1.tmp\goopdateres_sw.dll
- %TEMP%\GUM1.tmp\goopdateres_ur.dll
- %TEMP%\GUM1.tmp\goopdateres_uk.dll
- %TEMP%\GUM1.tmp\goopdateres_zh-CN.dll
- %TEMP%\GUM1.tmp\goopdateres_vi.dll
- %TEMP%\GUM1.tmp\goopdateres_te.dll
- %TEMP%\GUM1.tmp\goopdateres_ta.dll
- %TEMP%\GUM1.tmp\goopdateres_tr.dll
- %TEMP%\GUM1.tmp\goopdateres_th.dll
- %TEMP%\GUM1.tmp\goopdateres_iw.dll
- %TEMP%\GUM1.tmp\goopdateres_it.dll
- %TEMP%\GUM1.tmp\goopdateres_kn.dll
- %TEMP%\GUM1.tmp\goopdateres_ja.dll
- %TEMP%\GUM1.tmp\goopdateres_hu.dll
- %TEMP%\GUM1.tmp\goopdateres_hr.dll
- %TEMP%\GUM1.tmp\goopdateres_is.dll
- %TEMP%\GUM1.tmp\goopdateres_id.dll
- %TEMP%\GUM1.tmp\goopdateres_ko.dll
- %TEMP%\GUM1.tmp\goopdateres_nl.dll
- %TEMP%\GUM1.tmp\goopdateres_ms.dll
- %TEMP%\GUM1.tmp\goopdateres_pl.dll
- %TEMP%\GUM1.tmp\goopdateres_no.dll
- %TEMP%\GUM1.tmp\goopdateres_lv.dll
- %TEMP%\GUM1.tmp\goopdateres_lt.dll
- %TEMP%\GUM1.tmp\goopdateres_mr.dll
- %TEMP%\GUM1.tmp\goopdateres_ml.dll
- %TEMP%\RarSFX0\explorer.exe
- %TEMP%\RarSFX0\dllhost.vbs
- %TEMP%\RarSFX0\dllhost.bat
- %TEMP%\GUR3.exe
- 'up#####.epicbrowser.com':80
- 'up#####.epicbrowser.com':443
- 'localhost':1056
- 'localhost':1046
- 'wp#d':80
- 'localhost':1043
- 'localhost':1044
- http://up#####.epicbrowser.com/service/check2?ap#################################################################################################################################################...
- http://11#.#11.111.1/wpad.dat via wp#d
- http://up#####.epicbrowser.com/service/update2
- http://up#####.epicbrowser.com/service/update2?w=################################################################################################################################################...
- DNS ASK up#####.epicbrowser.com
- DNS ASK wp#d
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''