Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'File User UserMode Layer Controls' = 'C:\yflacutbqdbwide\hzoaajw.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Quality Remote KtmRm Helper Human] 'ImagePath' = 'C:\yflacutbqdbwide\hzoaajw.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Quality Remote KtmRm Helper Human] 'Start' = '00000002'
- 'C:\yflacutbqdbwide\knnclrscob.exe' "c:\yflacutbqdbwide\hzoaajw.exe"
- 'C:\yflacutbqdbwide\hzoaajw.exe'
- 'C:\yflacutbqdbwide\rnq2g0unzijbj5tbrvi.exe'
- C:\yflacutbqdbwide\hzoaajw.exe
- C:\yflacutbqdbwide\knnclrscob.exe
- C:\yflacutbqdbwide\hakiiek7
- %WINDIR%\yflacutbqdbwide\ammvholrzqbp
- C:\yflacutbqdbwide\ammvholrzqbp
- C:\yflacutbqdbwide\rnq2g0unzijbj5tbrvi.exe
- C:\yflacutbqdbwide\knnclrscob.exe
- C:\yflacutbqdbwide\hzoaajw.exe
- C:\yflacutbqdbwide\rnq2g0unzijbj5tbrvi.exe
- %WINDIR%\yflacutbqdbwide\ammvholrzqbp
- %WINDIR%\yflacutbqdbwide\ammvholrzqbp
- '10#.#67.38.149':20466
- '20#.#71.22.221':32994
- '18#.#45.182.189':37331
- '24.##1.42.214':47782
- '5.#.166.192':41199
- '72.##1.47.203':22399
- '17#.#50.138.208':20422
- '19#.#0.41.168':43832
- ClassName: 'Shell_TrayWnd' WindowName: ''