Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'QZet Agent' = '"%WINDIR%\azup.exe" -agent'
- %WINDIR%\azup.exe -agent
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\ag[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\ag[1].php
- %WINDIR%\azup.ini
- <Current directory>\azup.ini
- %WINDIR%\azup.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\ag[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\ag[1].php
- 'qz#t.ru':80
- '18#.#34.65.133':80
- qz#t.ru/ag.php?lo####
- 18#.#34.65.133/ag.php?lo####
- DNS ASK qz#t.ru
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''