Техническая информация
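Изменения в реестре (закрепление в системе):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Proxy Biometric Scheduler Firewall' = 'C:\btdgenzmpk\quijssd.exe' (ключ Run: программа запускается при каждом входе пользователя в систему)
- [<HKLM>\SYSTEM\ControlSet001\Services\NetBIOS Endpoint User Proxy Interactive] 'Start' = '00000002' (значение 2 задаёт автоматический запуск службы при загрузке системы)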
- 'C:\btdgenzmpk\cwoeblnf.exe' "c:\btdgenzmpk\quijssd.exe"
- 'C:\btdgenzmpk\quijssd.exe'
- 'C:\btdgenzmpk\dob14rpflpgtro1hycu.exe'
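Файловые объекты (пути повторяются: по-видимому, в исходном отчёте они относились к разным подразделам, заголовки которых не сохранились; имена каталога и файлов выглядят случайно сгенерированными, поэтому как индикаторы они, вероятно, применимы только к этому образцу):
- C:\btdgenzmpk\quijssd.exe
- C:\btdgenzmpk\cwoeblnf.exe
- C:\btdgenzmpk\owihdp
- %WINDIR%\btdgenzmpk\tffjjxlvtuuy
- C:\btdgenzmpk\tffjjxlvtuuy
- C:\btdgenzmpk\dob14rpflpgtro1hycu.exe
- C:\btdgenzmpk\cwoeblnf.exe
- C:\btdgenzmpk\quijssd.exe
- C:\btdgenzmpk\dob14rpflpgtro1hycu.exe
- %WINDIR%\btdgenzmpk\tffjjxlvtuuy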
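Сетевая активность: подключения к порту 80 и HTTP-запросы (части доменных имён и параметров запроса замаскированы символами #):
- 'al###inside.net':80
- 'of###inside.net':80
- 'al####nstead.net':80
- http://al###inside.net/index.php?me########
- http://of###inside.net/index.php?me########
- http://al####nstead.net/index.php?me########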
- DNS ASK of###inside.net
- DNS ASK al###bright.net
- DNS ASK mi####instead.net
- DNS ASK al###inside.net
- DNS ASK of####xplain.net
- DNS ASK al####nstead.net
- DNS ASK of###bright.net
- DNS ASK al####xplain.net
- ClassName: 'Shell_TrayWnd' WindowName: ''