Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Auto-Discovery Problem Log List Human' = 'C:\zfmvgrfp\ubeqgasywqu.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Filtering Update Services] 'ImagePath' = 'C:\zfmvgrfp\ubeqgasywqu.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Filtering Update Services] 'Start' = '00000002'
- 'C:\zfmvgrfp\uryztuzczxi.exe' "c:\zfmvgrfp\ubeqgasywqu.exe"
- 'C:\zfmvgrfp\ubeqgasywqu.exe'
- 'C:\zfmvgrfp\em2jpnmfcgtgwdbdpyb.exe'
- C:\zfmvgrfp\ubeqgasywqu.exe
- C:\zfmvgrfp\uryztuzczxi.exe
- C:\zfmvgrfp\em2jpnmfcgtgwdbdpyb.exe
- %WINDIR%\zfmvgrfp\qfhimuxsb
- C:\zfmvgrfp\qfhimuxsb
- C:\zfmvgrfp\uryztuzczxi.exe
- C:\zfmvgrfp\ubeqgasywqu.exe
- C:\zfmvgrfp\em2jpnmfcgtgwdbdpyb.exe
- %WINDIR%\zfmvgrfp\qfhimuxsb
- 'mo#####ndiscover.net':80
- 'po####lewonder.net':80
- 'pe####scontinue.net':80
- 'po#####ediscover.net':80
- 'mo####inmaster.net':80
- 'po#####econtinue.net':80
- 'mo####inwonder.net':80
- 'po####lemaster.net':80
- 'pe####sdiscover.net':80
- 'wi####wonder.net':80
- 'su####tcontinue.net':80
- 'wi####discover.net':80
- 'pe####smaster.net':80
- 'wi####continue.net':80
- 'pe####swonder.net':80
- 'wi####master.net':80
- 'mo#####ncontinue.net':80
- 'la###wonder.net':80
- 'se####wonder.net':80
- 'la####iscover.net':80
- 'se####discover.net':80
- 'la####ontinue.net':80
- 'se####continue.net':80
- 'la###master.net':80
- 'se####master.net':80
- 'mo####wonder.net':80
- 'si####wonder.net':80
- 'mo####discover.net':80
- 'si####discover.net':80
- 'mo####continue.net':80
- 'si####continue.net':80
- 'mo####master.net':80
- 'si####master.net':80
- http://mo#####ndiscover.net/index.php
- http://po####lewonder.net/index.php
- http://pe####scontinue.net/index.php
- http://po#####ediscover.net/index.php
- http://mo####inmaster.net/index.php
- http://po#####econtinue.net/index.php
- http://mo####inwonder.net/index.php
- http://po####lemaster.net/index.php
- http://pe####sdiscover.net/index.php
- http://wi####wonder.net/index.php
- http://su####tcontinue.net/index.php
- http://wi####discover.net/index.php
- http://pe####smaster.net/index.php
- http://wi####continue.net/index.php
- http://pe####swonder.net/index.php
- http://wi####master.net/index.php
- http://mo#####ncontinue.net/index.php
- http://la###wonder.net/index.php
- http://se####wonder.net/index.php
- http://la####iscover.net/index.php
- http://se####discover.net/index.php
- http://la####ontinue.net/index.php
- http://se####continue.net/index.php
- http://la###master.net/index.php
- http://se####master.net/index.php
- http://mo####wonder.net/index.php
- http://si####wonder.net/index.php
- http://mo####discover.net/index.php
- http://si####discover.net/index.php
- http://mo####continue.net/index.php
- http://si####continue.net/index.php
- http://mo####master.net/index.php
- http://si####master.net/index.php
- DNS ASK mo#####ndiscover.net
- DNS ASK po####lewonder.net
- DNS ASK pe####scontinue.net
- DNS ASK po#####ediscover.net
- DNS ASK mo####inmaster.net
- DNS ASK po#####econtinue.net
- DNS ASK mo####inwonder.net
- DNS ASK po####lemaster.net
- DNS ASK pe####sdiscover.net
- DNS ASK wi####wonder.net
- DNS ASK su####tcontinue.net
- DNS ASK wi####discover.net
- DNS ASK pe####smaster.net
- DNS ASK wi####continue.net
- DNS ASK pe####swonder.net
- DNS ASK wi####master.net
- DNS ASK mo#####ncontinue.net
- DNS ASK la###wonder.net
- DNS ASK se####wonder.net
- DNS ASK la####iscover.net
- DNS ASK se####discover.net
- DNS ASK la####ontinue.net
- DNS ASK se####continue.net
- DNS ASK la###master.net
- DNS ASK se####master.net
- DNS ASK mo####wonder.net
- DNS ASK si####wonder.net
- DNS ASK mo####discover.net
- DNS ASK si####discover.net
- DNS ASK mo####continue.net
- DNS ASK si####continue.net
- DNS ASK mo####master.net
- DNS ASK si####master.net
- ClassName: 'Shell_TrayWnd' WindowName: ''