Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\Session Ordering Link Error Spooler] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Session Ordering Link Error Spooler] 'ImagePath' = 'C:\yjdbqgcirz\nsdonpaqhat.exe'
- %WINDIR%\yjdbqgcirz\ag5wuq5wfmxg
- C:\yjdbqgcirz\ag5wuq5wfmxg
- C:\yjdbqgcirz\tsrro2vwksctzqhmgi3on.exe
- C:\yjdbqgcirz\nsdonpaqhat.exe
- C:\yjdbqgcirz\gghfuvaszlv.exe
- C:\yjdbqgcirz\aob1nl
- C:\yjdbqgcirz\nsdonpaqhat.exe
- C:\yjdbqgcirz\gghfuvaszlv.exe
- %WINDIR%\yjdbqgcirz\ag5wuq5wfmxg
- C:\yjdbqgcirz\tsrro2vwksctzqhmgi3on.exe
- %WINDIR%\yjdbqgcirz\ag5wuq5wfmxg
- '92.##7.45.207':21921
- '21#.#7.168.28':52231
- '20#.#93.204.80':37195
- '84.##8.130.85':27132
- '79.##7.196.121':45688
- '19#.#0.96.220':41884
- 'C:\yjdbqgcirz\tsrro2vwksctzqhmgi3on.exe'
- 'C:\yjdbqgcirz\nsdonpaqhat.exe'
- 'C:\yjdbqgcirz\gghfuvaszlv.exe' "c:\yjdbqgcirz\nsdonpaqhat.exe"