Technical Information
- <LS_APPDATA>\google\chrome\user data\default\web data
- %APPDATA%\opera software\opera stable\login data
- %HOMEPATH%\desktop\508softwareandos.doc
- %HOMEPATH%\desktop\aoc_saq_d_v3_merchant.docx
- %HOMEPATH%\desktop\applicantform_en.doc
- %HOMEPATH%\desktop\fi51.doc
- %HOMEPATH%\desktop\hanni_umami_chapter.doc
- %HOMEPATH%\desktop\ovp25012015.doc
- ClassName: 'OLLYDBG', WindowName: ''
- ClassName: 'GBDYLLO', WindowName: ''
- ClassName: 'pediy06', WindowName: ''
- ClassName: 'FilemonClass', WindowName: ''
- ClassName: '', WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'PROCMON_WINDOW_CLASS', WindowName: ''
- ClassName: '', WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass', WindowName: ''
- ClassName: '', WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- %TEMP%\bzlupgjqk.exe
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\actions.txt
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\information.txt
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\screenshot.jpeg
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\steam\dialogconfig.vdf
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\steam\config.vdf
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\files\ovp25012015.doc
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\files\hanni_umami_chapter.doc
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\files\fi51.doc
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\files\applicantform_en.doc
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\files\aoc_saq_d_v3_merchant.docx
- %APPDATA%\zpar1t9y1y3w5y1t9y1y3w5y.zip
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\files\508softwareandos.doc
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\cookies\opera_2.log
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\cookies\mozilla_1.log
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\cookies\chrome_0.log
- %TEMP%\vlmi{lolz}yg.col
- %APPDATA%\lite3\pubg_lite_v3.exe
- %APPDATA%\lite3\asff.vbs
- %PROGRAMDATA%\tempfileses\plhack3.exe
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\telegram\map0
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\telegram\d877f783d5d3ef8c1
- %TEMP%\pubg_lite_v3.exe
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\history\opera.txt
- <LS_APPDATA>\microsoft\windows\history\history.ie5\mshist012019102620191027\index.dat
- %PROGRAMDATA%\tempfileses\plhack3.exe
- %APPDATA%\lite3\asff.vbs
- %APPDATA%\lite3\pubg_lite_v3.exe
- %TEMP%\vlmi{lolz}yg.col
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\telegram\d877f783d5d3ef8c1
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\steam\dialogconfig.vdf
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\steam\config.vdf
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\screenshot.jpeg
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\information.txt
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\history\opera.txt
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\files\ovp25012015.doc
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\telegram\map0
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\files\hanni_umami_chapter.doc
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\files\applicantform_en.doc
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\files\aoc_saq_d_v3_merchant.docx
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\files\508softwareandos.doc
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\cookies\opera_2.log
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\cookies\mozilla_1.log
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\cookies\chrome_0.log
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\actions.txt
- %APPDATA%\ptst1t9y1y3w5y1t9y1y3w5y\files\fi51.doc
- %APPDATA%\zpar1t9y1y3w5y1t9y1y3w5y.zip
- %TEMP%\vlmi{lolz}yg.col
- http://he###-hack.com/
- http://he###-hack.com/templates/HellsFix/images/news/border/t-l.png
- http://he###-hack.com/templates/HellsFix/images/header/logo1.png
- http://he###-hack.com/templates/HellsFix/images/global-border/t.png
- http://he###-hack.com/templates/HellsFix/images/global-border/t-r.png
- http://he###-hack.com/templates/HellsFix/images/global-border/t-l.png
- http://he###-hack.com/uploads/fotos/foto_32109.jpg
- http://he###-hack.com/templates/HellsFix/Menu/bottom1.png
- http://he###-hack.com/templates/HellsFix/Menu/Zetes.png
- http://he###-hack.com/uploads/posts/2015-06/1435293524_dollar.png
- http://he###-hack.com/templates/HellsFix/images/news/border/t.png
- http://he###-hack.com/templates/HellsFix/images/news/border/r.png
- http://he###-hack.com/templates/HellsFix/images/news/border/l.png
- http://j1####11.myjino.ru/api/info.get
- http://he###-hack.com/uploads/posts/2019-04/medium/1555143553_133777.jpg
- http://he###-hack.com/uploads/posts/2019-04/1556000519_asn4rgg.gif
- http://he###-hack.com/uploads/posts/2019-10/medium/1571446404_133777.jpg
- http://he###-hack.com/uploads/posts/2019-10/medium/1571536678_1333777.jpg
- http://he###-hack.com/templates/HellsFix/Menu/Menu.png
- http://he###-hack.com/templates/HellsFix/images/content/bg.png
- http://j1####11.myjino.ru/api/download.get
- http://he###-hack.com/templates/HellsFix/images/global-border/b.png
- http://he###-hack.com/templates/HellsFix/images/global-border/b-r.png
- http://he###-hack.com/templates/HellsFix/images/global-border/b-l.png
- http://he###-hack.com/templates/HellsFix/images/bottom/center.png
- http://he###-hack.com/templates/HellsFix/images/bottom/right.png
- http://he###-hack.com/templates/HellsFix/images/bottom/left.png
- http://he###-hack.com/templates/HellsFix/images/paginator_rarr.png
- http://he###-hack.com/templates/HellsFix/images/paginator_bg.png
- http://he###-hack.com/uploads/posts/2019-10/medium/1571632283_41312123123.jpg
- http://he###-hack.com/templates/HellsFix/images/news/border/t-r.png
- http://he###-hack.com/templates/HellsFix/images/news/article/right.png
- http://he###-hack.com/templates/HellsFix/images/news/article/left.png
- http://he###-hack.com/templates/HellsFix/images/news/article/readmore-btn.png
- http://he###-hack.com/templates/HellsFix/images/news/title/center.png
- http://he###-hack.com/templates/HellsFix/images/news/title/right.png
- http://he###-hack.com/templates/HellsFix/images/news/title/left.png
- http://he###-hack.com/templates/HellsFix/images/news/border/b.png
- http://he###-hack.com/templates/HellsFix/images/news/border/b-r.png
- http://he###-hack.com/templates/HellsFix/images/news/article/center.png
- http://he###-hack.com/templates/HellsFix/images/news/border/b-l.png
- http://he###-hack.com/uploads/posts/2019-02/medium/1551205665_czium.jpeg
- http://he###-hack.com/uploads/posts/2019-10/medium/1571630396_133888.jpg
- http://he###-hack.com/uploads/posts/2017-10/medium/1509220776_1337.jpg
- http://he###-hack.com/templates/HellsFix/js/libs.js
- http://nu##link.ru/link/list/9992403.js
- http://he###-hack.com/templates/HellsFix/images/header/fca.jpg
- http://he###-hack.com/uploads/posts/2019-07/medium/1564248335_apps_53186_66061984908082265_00884c53-4850-4a2a-8e92-43e3b03bb0dc.jpg
- http://he###-hack.com/uploads/posts/2019-07/medium/1564248544_diesel_product_alan-wake_home_alan_wake_primarypromo_2580x1450-2580x1450-550042713eeb4197f97cb7e1442543dee3ba2883.jpg
- http://he###-hack.com/uploads/posts/2019-09/medium/1569311238_fort.jpg
- http://he###-hack.com/uploads/posts/2019-09/1569311381_googlepass.jpg
- http://he###-hack.com/uploads/posts/2019-09/medium/1569311705_ps5.png
- http://he###-hack.com/templates/HellsFix/images/favicons.ico
- http://he###-hack.com/templates/HellsFix/images/global-border/l.png
- http://pa#####.#ooglesyndication.com/pagead/js/adsbygoogle.js
- http://he###-hack.com/engine/classes/js/jqueryui.js?v=##
- http://he###-hack.com/templates/HellsFix/icomm/style.css
- http://he###-hack.com/engine/classes/js/dle_js.js?v=##
- http://he###-hack.com/templates/HellsFix/style/style.css
- http://he###-hack.com/engine/classes/highslide/highslide.js?v=##
- http://he###-hack.com/engine/classes/js/jquery.js?v=##
- http://he###-hack.com/engine/editor/css/default.css?v=##
- http://he###-hack.com/templates/HellsFix/dleimages/noavatar.png
- http://he###-hack.com/templates/HellsFix/images/paginator_larr.png
- http://he###-hack.com/templates/HellsFix/images/global-border/r.png
- http://co####r.yadro.ru/hit?q;#################################################################
- http://co####r.yadro.ru/hit?t1###############################################################
- http://he###-hack.com/uploads/posts/2019-10/medium/1571470346_123123.jpg
- http://he###-hack.com/uploads/posts/2019-10/medium/1570356847_123213.jpg
- http://he###-hack.com/uploads/posts/2019-10/medium/1571821938_13337777.jpg
- http://he###-hack.com/uploads/posts/2019-05/medium/1558620152_133777.jpg
- http://he###-hack.com/uploads/posts/2019-10/medium/1571533105_1111111.jpg
- http://he###-hack.com/uploads/posts/2019-09/medium/1569678644_133777.jpg
- http://he###-hack.com/uploads/posts/2017-11/medium/1510029802_1338.jpg
- http://he###-hack.com/templates/HellsFix/images/horisontal-nav/left.png
- http://he###-hack.com/templates/HellsFix/images/header/rss-button.png
- http://www.ra##ruty.ru/counter/hells-hack.com.gif
- http://he###-hack.com/templates/HellsFix/images/content/find-btn.png
- http://he###-hack.com/templates/HellsFix/images/content/search-bg.png
- http://he###-hack.com/templates/HellsFix/images/inform/bg.png
- http://he###-hack.com/templates/HellsFix/images/logintitle2.png
- http://he###-hack.com/templates/HellsFix/images/header/bgs.png
- http://he###-hack.com/templates/HellsFix/images/horisontal-nav/center.png
- http://he###-hack.com/templates/HellsFix/images/horisontal-nav/right.png
- http://he###-hack.com/templates/HellsFix/images/header/search-btn.png
- http://he###-hack.com/engine/opensearch.php
- DNS ASK he###-hack.com
- DNS ASK pa#####.#ooglesyndication.com
- DNS ASK nu##link.ru
- DNS ASK ra##ruty.ru
- DNS ASK co####r.yadro.ru
- DNS ASK j1####11.myjino.ru
- ClassName: '18467-41' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%TEMP%\bzlupgjqk.exe'
- '%TEMP%\pubg_lite_v3.exe'
- '%PROGRAMDATA%\tempfileses\plhack3.exe'
- '%APPDATA%\lite3\pubg_lite_v3.exe'
- '%WINDIR%\syswow64\wscript.exe' "%APPDATA%\Lite3\asff.vbs"