Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Alerts Desktop Information Engine' = 'C:\qhoxquhydepgcbr\nvkpuyxhknst.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Parental Gateway Fax Spooler Firewall] 'ImagePath' = 'C:\qhoxquhydepgcbr\nvkpuyxhknst.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Parental Gateway Fax Spooler Firewall] 'Start' = '00000002'
- 'C:\qhoxquhydepgcbr\abhmqaexeia.exe' "c:\qhoxquhydepgcbr\nvkpuyxhknst.exe"
- 'C:\qhoxquhydepgcbr\nvkpuyxhknst.exe'
- 'C:\qhoxquhydepgcbr\namc2jagpdk9mjbo7uq.exe'
- C:\qhoxquhydepgcbr\nvkpuyxhknst.exe
- C:\qhoxquhydepgcbr\abhmqaexeia.exe
- C:\qhoxquhydepgcbr\kunydj2na
- %WINDIR%\qhoxquhydepgcbr\ullnt82sbd6
- C:\qhoxquhydepgcbr\ullnt82sbd6
- C:\qhoxquhydepgcbr\namc2jagpdk9mjbo7uq.exe
- C:\qhoxquhydepgcbr\abhmqaexeia.exe
- C:\qhoxquhydepgcbr\nvkpuyxhknst.exe
- C:\qhoxquhydepgcbr\namc2jagpdk9mjbo7uq.exe
- %WINDIR%\qhoxquhydepgcbr\ullnt82sbd6
- %WINDIR%\qhoxquhydepgcbr\ullnt82sbd6
- '81.##7.50.99':52074
- '20#.#36.131.186':52293
- '10#.#4.136.243':42581
- '94.##1.114.138':44254
- '79.##3.139.198':21201
- '61.##6.2.217':25840
- '18#.#42.145.105':26662
- '84.##8.128.25':27132
- '21#.#07.110.82':26314
- '93.##7.67.155':25640
- '78.#7.87.58':21017
- ClassName: 'Shell_TrayWnd' WindowName: ''