Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Application TP KtmRm Access Manager' = 'C:\ibfiixozdadgslj\hefxaskh.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Workstation Block Identity UPnP] 'ImagePath' = 'C:\ibfiixozdadgslj\hefxaskh.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Workstation Block Identity UPnP] 'Start' = '00000002'
- 'C:\ibfiixozdadgslj\qyhyiwgd.exe' "c:\ibfiixozdadgslj\hefxaskh.exe"
- 'C:\ibfiixozdadgslj\hefxaskh.exe'
- 'C:\ibfiixozdadgslj\bwu2pftxoicjxpmuhip.exe'
- C:\ibfiixozdadgslj\hefxaskh.exe
- C:\ibfiixozdadgslj\qyhyiwgd.exe
- C:\ibfiixozdadgslj\rz8xlpv
- %WINDIR%\ibfiixozdadgslj\px4mylznjbhp
- C:\ibfiixozdadgslj\px4mylznjbhp
- C:\ibfiixozdadgslj\bwu2pftxoicjxpmuhip.exe
- C:\ibfiixozdadgslj\qyhyiwgd.exe
- C:\ibfiixozdadgslj\hefxaskh.exe
- C:\ibfiixozdadgslj\bwu2pftxoicjxpmuhip.exe
- %WINDIR%\ibfiixozdadgslj\px4mylznjbhp
- %WINDIR%\ibfiixozdadgslj\px4mylznjbhp
- '80.#4.199.6':49579
- '19#.#62.66.148':52345
- '17#.#40.117.149':27603
- '11#.#18.187.28':42065
- '10#.#46.77.146':33927
- '86.##5.19.130':27743
- '79.##5.10.236':21201
- '10#.#2.195.20':39160
- ClassName: 'Shell_TrayWnd' WindowName: ''