Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Scheduler Audio Image Spooler Telephony' = 'C:\hvwcbslkkatmj\aaupjmjez.exe'
- 'C:\hvwcbslkkatmj\owesbah.exe' "c:\hvwcbslkkatmj\aaupjmjez.exe"
- 'C:\hvwcbslkkatmj\aaupjmjez.exe'
- 'C:\hvwcbslkkatmj\h8oe2n2bvcohe8bzp.exe'
- C:\hvwcbslkkatmj\aaupjmjez.exe
- C:\hvwcbslkkatmj\owesbah.exe
- C:\hvwcbslkkatmj\z1uzxvzee
- %WINDIR%\hvwcbslkkatmj\recspobx
- C:\hvwcbslkkatmj\recspobx
- C:\hvwcbslkkatmj\h8oe2n2bvcohe8bzp.exe
- C:\hvwcbslkkatmj\owesbah.exe
- C:\hvwcbslkkatmj\aaupjmjez.exe
- C:\hvwcbslkkatmj\h8oe2n2bvcohe8bzp.exe
- %WINDIR%\hvwcbslkkatmj\recspobx
- %WINDIR%\hvwcbslkkatmj\recspobx
- '12#.#60.112.138':27440
- '18#.#38.249.34':37331
- '2.##.19.50':35833
- '21#.#65.0.136':35711
- '81.##4.87.112':37714
- '20#.#95.172.22':41884
- '19#.#7.134.20':44965
- ClassName: 'Shell_TrayWnd' WindowName: ''