Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Initiator Remote Connections' = 'C:\dvjqwcvxar\hghvsnoetrh.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Access Procedure HomeGroup Port Server] 'ImagePath' = 'C:\dvjqwcvxar\hghvsnoetrh.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Access Procedure HomeGroup Port Server] 'Start' = '00000002'
- 'C:\dvjqwcvxar\fikariqxail.exe' "c:\dvjqwcvxar\hghvsnoetrh.exe"
- 'C:\dvjqwcvxar\hghvsnoetrh.exe'
- 'C:\dvjqwcvxar\hcf2pbwnptfgdrynn.exe'
- C:\dvjqwcvxar\hghvsnoetrh.exe
- C:\dvjqwcvxar\fikariqxail.exe
- C:\dvjqwcvxar\vpphrzkcpaya
- %WINDIR%\dvjqwcvxar\gtxfd03
- C:\dvjqwcvxar\gtxfd03
- C:\dvjqwcvxar\hcf2pbwnptfgdrynn.exe
- C:\dvjqwcvxar\fikariqxail.exe
- C:\dvjqwcvxar\hghvsnoetrh.exe
- C:\dvjqwcvxar\hcf2pbwnptfgdrynn.exe
- %WINDIR%\dvjqwcvxar\gtxfd03
- %WINDIR%\dvjqwcvxar\gtxfd03
- '72.##1.207.62':22399
- '70.##2.38.96':41500
- '74.#5.64.25':22739
- '17#.#50.138.208':20422
- '20#.#23.152.97':27682
- '88.#48.36.4':25752
- '62.##.253.114':51156
- '79.##7.196.121':45688
- '41.##2.44.224':45860
- '84.##8.128.25':27132
- '5.##.19.242':27426
- '21#.#7.168.28':52231
- '17#.37.2.43':44303
- ClassName: 'Shell_TrayWnd' WindowName: ''