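Техническая информация
Примечание: символы «#» в доменных именах и URL ниже, по-видимому, маскируют часть имени и присутствуют в самом отчёте. Такие записи нельзя использовать как точные индикаторы; сопоставлять их можно только по видимым началу и окончанию имени. Все перечисленные ниже соединения идут на порт 80, а все HTTP-запросы обращаются к пути /index.php. Две записи реестра в начале списка (ключ Run и значение Start = 2 у службы, то есть автоматический запуск) указывают на закрепление в системе при загрузке.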
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Driver Encrypting Event Performance Link-Layer' = 'C:\flperijek\bfgypmv.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Compatibility RPC IP Backup Net.Tcp Base Files] 'Start' = '00000002'
- 'C:\flperijek\ekpdifagnu.exe' "c:\flperijek\bfgypmv.exe"
- 'C:\flperijek\bfgypmv.exe'
- 'C:\flperijek\lttjr2w60betl0fmw2.exe'
- C:\flperijek\bfgypmv.exe
- C:\flperijek\ekpdifagnu.exe
- C:\flperijek\lttjr2w60betl0fmw2.exe
- %WINDIR%\flperijek\xjpf4fev
- C:\flperijek\xjpf4fev
- C:\flperijek\ekpdifagnu.exe
- C:\flperijek\bfgypmv.exe
- C:\flperijek\lttjr2w60betl0fmw2.exe
- %WINDIR%\flperijek\xjpf4fev
- 'wo###nature.net':80
- 'sm###nature.net':80
- 'wa###govern.net':80
- 'wa###enough.net':80
- 'th####tgovern.net':80
- 'sm###enough.net':80
- 'wo###govern.net':80
- 'wo###enough.net':80
- 'wo###needle.net':80
- 'sm###needle.net':80
- 'su####govern.net':80
- 'cr###govern.net':80
- 'cr###enough.net':80
- 'cr###needle.net':80
- 'su####enough.net':80
- 'wa###needle.net':80
- 'th####tenough.net':80
- 'th####tneedle.net':80
- 'th####tnature.net':80
- 'wa###nature.net':80
- 'sm###govern.net':80
- 'ex#####ncebecome.net':80
- 'fr####ompany.net':80
- 'fr###become.net':80
- 'fr###cover.net':80
- 'ex####encecover.net':80
- 'ge####mancover.net':80
- 'al####ycover.net':80
- 'al####yfurther.net':80
- 'ex#####ncecompany.net':80
- 'ge#####anfurther.net':80
- 'fi###needle.net':80
- 'pa###enough.net':80
- 'pa###needle.net':80
- 'pa###nature.net':80
- 'fi###nature.net':80
- 'fr####urther.net':80
- 'ex#####ncefurther.net':80
- 'fi###govern.net':80
- 'fi###enough.net':80
- 'pa###govern.net':80
- 'ex#####ncegovern.net':80
- 'ge####mannature.net':80
- 'fr###govern.net':80
- 'fr###enough.net':80
- 'ex#####nceenough.net':80
- 'ge####manenough.net':80
- 'al####yenough.net':80
- 'al####yneedle.net':80
- 'al####ynature.net':80
- 'ge####manneedle.net':80
- 'fi###proud.net':80
- 'pa####omplete.net':80
- 'pa###proud.net':80
- 'pa###around.net':80
- 'fi###around.net':80
- 'fr###needle.net':80
- 'ex#####nceneedle.net':80
- 'ex#####ncenature.net':80
- 'fi####omplete.net':80
- 'fr###nature.net':80
- 'ge####mangovern.net':80
- 'be###enough.net':80
- 'kn###enough.net':80
- 'kn###needle.net':80
- 'kn###nature.net':80
- 'be###needle.net':80
- 'cr###nature.net':80
- 'su####needle.net':80
- 'su####nature.net':80
- 'be###govern.net':80
- 'kn###govern.net':80
- 'fo####needle.net':80
- 'me####needle.net':80
- 'me####nature.net':80
- 'al####ygovern.net':80
- 'fo####nature.net':80
- 'me####govern.net':80
- 'be###nature.net':80
- 'fo####govern.net':80
- 'fo####enough.net':80
- 'me####enough.net':80
- http://wo###nature.net/index.php
- http://sm###nature.net/index.php
- http://wa###govern.net/index.php
- http://wa###enough.net/index.php
- http://th####tgovern.net/index.php
- http://sm###enough.net/index.php
- http://wo###govern.net/index.php
- http://wo###enough.net/index.php
- http://wo###needle.net/index.php
- http://sm###needle.net/index.php
- http://su####govern.net/index.php
- http://cr###govern.net/index.php
- http://cr###enough.net/index.php
- http://cr###needle.net/index.php
- http://su####enough.net/index.php
- http://wa###needle.net/index.php
- http://th####tenough.net/index.php
- http://th####tneedle.net/index.php
- http://th####tnature.net/index.php
- http://wa###nature.net/index.php
- http://sm###govern.net/index.php
- http://ex#####ncebecome.net/index.php
- http://fr####ompany.net/index.php
- http://fr###become.net/index.php
- http://fr###cover.net/index.php
- http://ex####encecover.net/index.php
- http://ge####mancover.net/index.php
- http://al####ycover.net/index.php
- http://al####yfurther.net/index.php
- http://ex#####ncecompany.net/index.php
- http://ge#####anfurther.net/index.php
- http://fi###needle.net/index.php
- http://pa###enough.net/index.php
- http://pa###needle.net/index.php
- http://pa###nature.net/index.php
- http://fi###nature.net/index.php
- http://fr####urther.net/index.php
- http://ex#####ncefurther.net/index.php
- http://fi###govern.net/index.php
- http://fi###enough.net/index.php
- http://pa###govern.net/index.php
- http://ex#####ncegovern.net/index.php
- http://ge####mannature.net/index.php
- http://fr###govern.net/index.php
- http://fr###enough.net/index.php
- http://ex#####nceenough.net/index.php
- http://ge####manenough.net/index.php
- http://al####yenough.net/index.php
- http://al####yneedle.net/index.php
- http://al####ynature.net/index.php
- http://ge####manneedle.net/index.php
- http://fi###proud.net/index.php
- http://pa####omplete.net/index.php
- http://pa###proud.net/index.php
- http://pa###around.net/index.php
- http://fi###around.net/index.php
- http://fr###needle.net/index.php
- http://ex#####nceneedle.net/index.php
- http://ex#####ncenature.net/index.php
- http://fi####omplete.net/index.php
- http://fr###nature.net/index.php
- http://ge####mangovern.net/index.php
- http://be###enough.net/index.php
- http://kn###enough.net/index.php
- http://kn###needle.net/index.php
- http://kn###nature.net/index.php
- http://be###needle.net/index.php
- http://cr###nature.net/index.php
- http://su####needle.net/index.php
- http://su####nature.net/index.php
- http://be###govern.net/index.php
- http://kn###govern.net/index.php
- http://fo####needle.net/index.php
- http://me####needle.net/index.php
- http://me####nature.net/index.php
- http://al####ygovern.net/index.php
- http://fo####nature.net/index.php
- http://me####govern.net/index.php
- http://be###nature.net/index.php
- http://fo####govern.net/index.php
- http://fo####enough.net/index.php
- http://me####enough.net/index.php
- DNS ASK sm###nature.net
- DNS ASK wo###needle.net
- DNS ASK wo###nature.net
- DNS ASK th####tgovern.net
- DNS ASK wa###govern.net
- DNS ASK wo###govern.net
- DNS ASK sm###govern.net
- DNS ASK sm###enough.net
- DNS ASK sm###needle.net
- DNS ASK wo###enough.net
- DNS ASK cr###govern.net
- DNS ASK th####tnature.net
- DNS ASK su####govern.net
- DNS ASK su####enough.net
- DNS ASK cr###enough.net
- DNS ASK th####tenough.net
- DNS ASK wa###enough.net
- DNS ASK wa###needle.net
- DNS ASK wa###nature.net
- DNS ASK th####tneedle.net
- DNS ASK pa###nature.net
- DNS ASK fr####ompany.net
- DNS ASK ex#####ncecompany.net
- DNS ASK ex#####ncebecome.net
- DNS ASK ex####encecover.net
- DNS ASK fr###become.net
- DNS ASK al####ycover.net
- DNS ASK ge####manbecome.net
- DNS ASK ge####mancover.net
- DNS ASK ge#####anfurther.net
- DNS ASK al####yfurther.net
- DNS ASK pa###enough.net
- DNS ASK fi###enough.net
- DNS ASK fi###needle.net
- DNS ASK fi###nature.net
- DNS ASK pa###needle.net
- DNS ASK ex#####ncefurther.net
- DNS ASK fr###cover.net
- DNS ASK fr####urther.net
- DNS ASK pa###govern.net
- DNS ASK fi###govern.net
- DNS ASK cr###needle.net
- DNS ASK ex#####ncegovern.net
- DNS ASK ge####mannature.net
- DNS ASK fr###govern.net
- DNS ASK fr###enough.net
- DNS ASK ex#####nceenough.net
- DNS ASK ge####manenough.net
- DNS ASK al####yenough.net
- DNS ASK al####yneedle.net
- DNS ASK al####ynature.net
- DNS ASK ge####manneedle.net
- DNS ASK fi###proud.net
- DNS ASK pa####omplete.net
- DNS ASK pa###proud.net
- DNS ASK pa###around.net
- DNS ASK fi###around.net
- DNS ASK fr###needle.net
- DNS ASK ex#####nceneedle.net
- DNS ASK ex#####ncenature.net
- DNS ASK fi####omplete.net
- DNS ASK fr###nature.net
- DNS ASK ge####mangovern.net
- DNS ASK be###enough.net
- DNS ASK kn###enough.net
- DNS ASK kn###needle.net
- DNS ASK kn###nature.net
- DNS ASK be###needle.net
- DNS ASK cr###nature.net
- DNS ASK su####needle.net
- DNS ASK su####nature.net
- DNS ASK be###govern.net
- DNS ASK kn###govern.net
- DNS ASK fo####needle.net
- DNS ASK me####needle.net
- DNS ASK me####nature.net
- DNS ASK al####ygovern.net
- DNS ASK fo####nature.net
- DNS ASK me####govern.net
- DNS ASK be###nature.net
- DNS ASK fo####govern.net
- DNS ASK fo####enough.net
- DNS ASK me####enough.net
- ClassName: 'Shell_TrayWnd' WindowName: ''