Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Transaction Interactive Fax' = 'C:\nkwfmgvlq\kfnaszx.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Reporting Copy COM+ Studio Networking] 'ImagePath' = 'C:\nkwfmgvlq\kfnaszx.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Reporting Copy COM+ Studio Networking] 'Start' = '00000002'
- 'C:\nkwfmgvlq\gqixzakgjns.exe' "c:\nkwfmgvlq\kfnaszx.exe"
- 'C:\nkwfmgvlq\kfnaszx.exe'
- 'C:\nkwfmgvlq\oqo2g4qxludfor7n.exe'
- C:\nkwfmgvlq\kfnaszx.exe
- C:\nkwfmgvlq\gqixzakgjns.exe
- C:\nkwfmgvlq\wqultdfr
- %WINDIR%\nkwfmgvlq\sdhel0
- C:\nkwfmgvlq\sdhel0
- C:\nkwfmgvlq\oqo2g4qxludfor7n.exe
- C:\nkwfmgvlq\gqixzakgjns.exe
- C:\nkwfmgvlq\kfnaszx.exe
- C:\nkwfmgvlq\oqo2g4qxludfor7n.exe
- %WINDIR%\nkwfmgvlq\sdhel0
- %WINDIR%\nkwfmgvlq\sdhel0
- '91.##.35.122':26126
- '78.##5.171.93':23699
- '95.##.58.101':23245
- '18#.#50.153.254':32097
- '79.##3.139.198':21201
- '24.##9.216.168':33794
- '2.##.19.50':35833
- '72.##1.207.62':22399
- '5.##.19.242':27426
- '31.##7.83.237':44843
- '18#.#38.249.34':37331
- '77.##7.13.68':30018
- ClassName: 'Shell_TrayWnd' WindowName: ''