Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'TCP/IP Store Isolation Hardware' = 'C:\kuqdbcc\qshhbculfyw.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Software Awareness Tunneling] 'ImagePath' = 'C:\kuqdbcc\qshhbculfyw.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Software Awareness Tunneling] 'Start' = '00000002'
- 'C:\kuqdbcc\zxmamyrf.exe' "c:\kuqdbcc\qshhbculfyw.exe"
- 'C:\kuqdbcc\qshhbculfyw.exe'
- 'C:\kuqdbcc\utw34vsvlynpeiae.exe'
- %TEMP%\WER6a1c.dir00\qshhbculfyw.exe.hdmp
- %TEMP%\WER6a1c.dir00\appcompat.txt
- %TEMP%\WER43b0.dir00\manifest.txt
- %TEMP%\WER6a1c.dir00\qshhbculfyw.exe.mdmp
- %TEMP%\WER6a1c.dir00\manifest.txt
- %TEMP%\WER4fcd.dir00\appcompat.txt
- %TEMP%\WER4fcd.dir00\manifest.txt
- %TEMP%\WER4fcd.dir00\qshhbculfyw.exe.mdmp
- %TEMP%\WER4fcd.dir00\qshhbculfyw.exe.hdmp
- C:\kuqdbcc\utw34vsvlynpeiae.exe
- C:\kuqdbcc\qshhbculfyw.exe
- %WINDIR%\kuqdbcc\tivhgizp
- C:\kuqdbcc\tivhgizp
- C:\kuqdbcc\zxmamyrf.exe
- %TEMP%\WER43b0.dir00\qshhbculfyw.exe.hdmp
- %TEMP%\WER43b0.dir00\appcompat.txt
- C:\kuqdbcc\ud1tjl
- %TEMP%\WER43b0.dir00\qshhbculfyw.exe.mdmp
- C:\kuqdbcc\zxmamyrf.exe
- C:\kuqdbcc\qshhbculfyw.exe
- C:\kuqdbcc\utw34vsvlynpeiae.exe
- %WINDIR%\kuqdbcc\tivhgizp
- %WINDIR%\kuqdbcc\tivhgizp
- ClassName: 'Shell_TrayWnd' WindowName: ''