Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Panel Tools System Solutions Application Auto' = 'C:\hjvjcne\rooyyrs.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Protected CardSpace COM+ Upgrade AuthIP] 'ImagePath' = 'C:\hjvjcne\rooyyrs.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Protected CardSpace COM+ Upgrade AuthIP] 'Start' = '00000002'
- 'C:\hjvjcne\xetntodkn.exe' "c:\hjvjcne\rooyyrs.exe"
- 'C:\hjvjcne\rooyyrs.exe'
- 'C:\hjvjcne\bkkgp2qfubcimjok2mm.exe'
- C:\hjvjcne\rooyyrs.exe
- C:\hjvjcne\xetntodkn.exe
- C:\hjvjcne\utledyjek
- %WINDIR%\hjvjcne\irzlat0owf
- C:\hjvjcne\irzlat0owf
- C:\hjvjcne\bkkgp2qfubcimjok2mm.exe
- C:\hjvjcne\xetntodkn.exe
- C:\hjvjcne\rooyyrs.exe
- C:\hjvjcne\bkkgp2qfubcimjok2mm.exe
- %WINDIR%\hjvjcne\irzlat0owf
- %WINDIR%\hjvjcne\irzlat0owf
- '21#.#7.168.28':52231
- '77.##7.13.68':30018
- '88.#48.36.4':25752
- '84.##8.128.25':27132
- '41.#6.20.41':48405
- '81.##7.50.99':52074
- '19#.#7.134.20':44965
- '77.##8.205.139':22969
- ClassName: 'Shell_TrayWnd' WindowName: ''