Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Auto-Discovery Defender Intelligent' = 'C:\byjuqkkabxd\xutmsoj.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Grouping Distributed Transaction] 'ImagePath' = 'C:\byjuqkkabxd\xutmsoj.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Grouping Distributed Transaction] 'Start' = '00000002'
- 'C:\byjuqkkabxd\rpzwbtbjzsyj.exe' "c:\byjuqkkabxd\xutmsoj.exe"
- 'C:\byjuqkkabxd\xutmsoj.exe'
- 'C:\byjuqkkabxd\sb2h7dqjqsjrd10eosi.exe'
- C:\byjuqkkabxd\xutmsoj.exe
- C:\byjuqkkabxd\rpzwbtbjzsyj.exe
- C:\byjuqkkabxd\de1gcmupre4e
- %WINDIR%\byjuqkkabxd\c8ffwvp
- C:\byjuqkkabxd\c8ffwvp
- C:\byjuqkkabxd\sb2h7dqjqsjrd10eosi.exe
- C:\byjuqkkabxd\rpzwbtbjzsyj.exe
- C:\byjuqkkabxd\xutmsoj.exe
- C:\byjuqkkabxd\sb2h7dqjqsjrd10eosi.exe
- %WINDIR%\byjuqkkabxd\c8ffwvp
- %WINDIR%\byjuqkkabxd\c8ffwvp
- '61.##6.2.217':25840
- '18#.#42.73.242':26662
- '41.##8.41.238':29356
- '73.##.228.84':36884
- '41.#42.27.1':45860
- '78.##5.171.93':23699
- '18#.#49.85.10':32097
- '72.##1.47.203':22399
- ClassName: 'Shell_TrayWnd' WindowName: ''