Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Level Provider DHCP TCP/IP Function Program' = 'C:\ayfkrmnkqgqcqj\oonojkee.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Protocol Configuration Security VC Task] 'ImagePath' = 'C:\ayfkrmnkqgqcqj\oonojkee.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Protocol Configuration Security VC Task] 'Start' = '00000002'
- 'C:\ayfkrmnkqgqcqj\oqwowbxvq.exe' "c:\ayfkrmnkqgqcqj\oonojkee.exe"
- 'C:\ayfkrmnkqgqcqj\oonojkee.exe'
- 'C:\ayfkrmnkqgqcqj\mmb6m2gnex3s9nlfzyupl.exe'
- C:\ayfkrmnkqgqcqj\oonojkee.exe
- C:\ayfkrmnkqgqcqj\oqwowbxvq.exe
- C:\ayfkrmnkqgqcqj\gknhklkf
- %WINDIR%\ayfkrmnkqgqcqj\rvdjfjfpn
- C:\ayfkrmnkqgqcqj\rvdjfjfpn
- C:\ayfkrmnkqgqcqj\mmb6m2gnex3s9nlfzyupl.exe
- C:\ayfkrmnkqgqcqj\oqwowbxvq.exe
- C:\ayfkrmnkqgqcqj\oonojkee.exe
- C:\ayfkrmnkqgqcqj\mmb6m2gnex3s9nlfzyupl.exe
- %WINDIR%\ayfkrmnkqgqcqj\rvdjfjfpn
- %WINDIR%\ayfkrmnkqgqcqj\rvdjfjfpn
- '24.##9.216.168':33794
- '98.##.239.20':20922
- '86.##5.10.227':45279
- '18#.#42.73.242':26662
- '78.##5.171.93':23699
- '17#.#50.138.208':20422
- '81.##7.50.99':52074
- '62.##1.108.194':20068
- ClassName: 'Shell_TrayWnd' WindowName: ''