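Техническая информация
Подзаголовки разделов в этом списке утрачены при извлечении текста. Строки с <HKLM> описывают автозапуск: ключ Run и служба с 'Start' = 2 (автоматический запуск) указывают на один и тот же файл C:\kfqurrcffgs\cvqyjsgehalj.exe. Далее, по-видимому, идут запускаемые процессы и пути к файлам (тип операции с файлами из текста не восстанавливается), затем сетевые адреса с портами и поиск окна. Символы '#' в IP-адресах — по-видимому, маскировка в исходном отчёте, поэтому эти адреса нельзя использовать как индикаторы в точном виде.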
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HomeGroup Windows Extender Controls' = 'C:\kfqurrcffgs\cvqyjsgehalj.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Proxy Credential Themes Color] 'ImagePath' = 'C:\kfqurrcffgs\cvqyjsgehalj.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Proxy Credential Themes Color] 'Start' = '00000002'
- 'C:\kfqurrcffgs\cgdthjnzlrg.exe' "c:\kfqurrcffgs\cvqyjsgehalj.exe"
- 'C:\kfqurrcffgs\cvqyjsgehalj.exe'
- 'C:\kfqurrcffgs\mcu317fejdjicqyw.exe'
- C:\kfqurrcffgs\cvqyjsgehalj.exe
- C:\kfqurrcffgs\cgdthjnzlrg.exe
- C:\kfqurrcffgs\fpdup6kc
- %WINDIR%\kfqurrcffgs\fysjynh
- C:\kfqurrcffgs\fysjynh
- C:\kfqurrcffgs\mcu317fejdjicqyw.exe
- C:\kfqurrcffgs\cgdthjnzlrg.exe
- C:\kfqurrcffgs\cvqyjsgehalj.exe
- C:\kfqurrcffgs\mcu317fejdjicqyw.exe
- %WINDIR%\kfqurrcffgs\fysjynh
- %WINDIR%\kfqurrcffgs\fysjynh
- '18#.#21.242.79':46084
- '19#.#7.134.20':44965
- '15#.#82.245.137':33982
- '81.##4.87.112':37714
- '88.#48.36.4':25752
- '18#.2.4.92':44843
- '20#.#7.225.58':33073
- '12#.#60.123.173':36805
- ClassName: 'Shell_TrayWnd' WindowName: ''