Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Link-Layer Performance Portable Print Multimedia' = 'C:\nfvywmebegeuw\rlsuqufchdtc.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\BitLocker SNMP WMI Task DNS Grouping Policy] 'ImagePath' = 'C:\nfvywmebegeuw\rlsuqufchdtc.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\BitLocker SNMP WMI Task DNS Grouping Policy] 'Start' = '00000002'
- 'C:\nfvywmebegeuw\univmzxkzy.exe' "c:\nfvywmebegeuw\rlsuqufchdtc.exe"
- 'C:\nfvywmebegeuw\rlsuqufchdtc.exe'
- 'C:\nfvywmebegeuw\ms3bi3psonsmjuqzn.exe'
- C:\nfvywmebegeuw\rlsuqufchdtc.exe
- C:\nfvywmebegeuw\univmzxkzy.exe
- C:\nfvywmebegeuw\ghhfke2p
- %WINDIR%\nfvywmebegeuw\tnybupvvvs
- C:\nfvywmebegeuw\tnybupvvvs
- C:\nfvywmebegeuw\ms3bi3psonsmjuqzn.exe
- C:\nfvywmebegeuw\univmzxkzy.exe
- C:\nfvywmebegeuw\rlsuqufchdtc.exe
- C:\nfvywmebegeuw\ms3bi3psonsmjuqzn.exe
- %WINDIR%\nfvywmebegeuw\tnybupvvvs
- %WINDIR%\nfvywmebegeuw\tnybupvvvs
- '5.#.166.192':41199
- '72.##1.47.203':22399
- '12#.#60.123.173':36805
- '20#.#11.99.94':37369
- '69.##1.140.58':36102
- '74.#5.64.25':22739
- '84.##8.130.85':27132
- '19#.#45.26.50':31421
- ClassName: 'Shell_TrayWnd' WindowName: ''