Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Program Grouping Controls Spooler SSDP' = 'C:\ohhtszhww\vnqfrag.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Audio Accounts AuthIP Class PC] 'ImagePath' = 'C:\ohhtszhww\vnqfrag.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Audio Accounts AuthIP Class PC] 'Start' = '00000002'
- 'C:\ohhtszhww\tibmmfersktu.exe' "c:\ohhtszhww\vnqfrag.exe"
- 'C:\ohhtszhww\vnqfrag.exe'
- 'C:\ohhtszhww\ihf3awtlrcrhreaaax.exe'
- C:\ohhtszhww\vnqfrag.exe
- C:\ohhtszhww\tibmmfersktu.exe
- C:\ohhtszhww\xnczjb
- %WINDIR%\ohhtszhww\v0gjnkbcalm
- C:\ohhtszhww\v0gjnkbcalm
- C:\ohhtszhww\ihf3awtlrcrhreaaax.exe
- C:\ohhtszhww\tibmmfersktu.exe
- C:\ohhtszhww\vnqfrag.exe
- C:\ohhtszhww\ihf3awtlrcrhreaaax.exe
- %WINDIR%\ohhtszhww\v0gjnkbcalm
- %WINDIR%\ohhtszhww\v0gjnkbcalm
- '17#.#40.117.149':27603
- '18#.#42.107.86':26662
- '37.##2.223.103':22969
- '18#.#45.182.189':37331
- '82.##7.164.91':40801
- '20#.#71.22.221':32994
- '10#.#28.239.221':49777
- '21#.#19.80.21':36542
- ClassName: 'Shell_TrayWnd' WindowName: ''