Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Information Disk Profile SNMP Cryptographic Drive' = '<LS_APPDATA>\rqzefoc\sxmktxkechtg.exe'
- <LS_APPDATA>\rqzefoc\djdtzksxfu.exe "<LS_APPDATA>\rqzefoc\sxmktxkechtg.exe"
- <LS_APPDATA>\rqzefoc\sxmktxkechtg.exe
- <LS_APPDATA>\rqzefoc\sxmktxkechtg.qtc
- <LS_APPDATA>\rqzefoc\djdtzksxfu.exe
- <LS_APPDATA>\rqzefoc\sxmktxkechtg.exe
- <LS_APPDATA>\rqzefoc\djdtzksxfu.exe
- <LS_APPDATA>\rqzefoc\sxmktxkechtg.exe
- 'fa###yproud.net':80
- 'ch####enproud.net':80
- fa###yproud.net/forum/search.php?em####################################
- ch####enproud.net/forum/search.php?em####################################
- DNS ASK en####hproud.net
- DNS ASK ei###rproud.net
- DNS ASK en####haround.net
- DNS ASK ei####complete.net
- DNS ASK be####enature.net
- DNS ASK ex####nature.net
- DNS ASK en####hcomplete.net
- DNS ASK ch#####ncomplete.net
- DNS ASK fa###yproud.net
- DNS ASK ch####enproud.net
- DNS ASK fa####complete.net
- DNS ASK ei####around.net
- DNS ASK en####hwelcome.net
- DNS ASK ei####welcome.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''