Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Interface Machine Wired AuthIP' = 'C:\lewehsjkapszctg\betkypcjev.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Adapter Source Web Extender Connection] 'ImagePath' = 'C:\lewehsjkapszctg\betkypcjev.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Adapter Source Web Extender Connection] 'Start' = '00000002'
- 'C:\lewehsjkapszctg\xjvtpacjkwx.exe' "c:\lewehsjkapszctg\betkypcjev.exe"
- 'C:\lewehsjkapszctg\betkypcjev.exe'
- 'C:\lewehsjkapszctg\wqr3c21lkzlkrgzqa.exe'
- C:\lewehsjkapszctg\betkypcjev.exe
- C:\lewehsjkapszctg\xjvtpacjkwx.exe
- C:\lewehsjkapszctg\uffugrhu
- %WINDIR%\lewehsjkapszctg\zvvss9ntesge
- C:\lewehsjkapszctg\zvvss9ntesge
- C:\lewehsjkapszctg\wqr3c21lkzlkrgzqa.exe
- C:\lewehsjkapszctg\xjvtpacjkwx.exe
- C:\lewehsjkapszctg\betkypcjev.exe
- C:\lewehsjkapszctg\wqr3c21lkzlkrgzqa.exe
- %WINDIR%\lewehsjkapszctg\zvvss9ntesge
- %WINDIR%\lewehsjkapszctg\zvvss9ntesge
- '79.##1.239.74':42581
- '19#.#54.74.242':31770
- '67.##.64.252':27314
- '18#.2.4.92':44843
- '70.##5.4.143':41500
- '41.#6.20.41':48405
- '86.##5.19.130':27743
- '2.##.19.50':35833
- ClassName: 'Shell_TrayWnd' WindowName: ''