Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Resource Counter Adaptive Files Gateway' = 'C:\zlptdyhnx\vzmvlwdb.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Process Problem Font Protected] 'ImagePath' = 'C:\zlptdyhnx\vzmvlwdb.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Process Problem Font Protected] 'Start' = '00000002'
- 'C:\zlptdyhnx\kfgyirbxxt.exe' "c:\zlptdyhnx\vzmvlwdb.exe"
- 'C:\zlptdyhnx\vzmvlwdb.exe'
- 'C:\zlptdyhnx\vcu2guso0xulh3n1o8m.exe'
- C:\zlptdyhnx\vzmvlwdb.exe
- C:\zlptdyhnx\kfgyirbxxt.exe
- C:\zlptdyhnx\nimodc
- %WINDIR%\zlptdyhnx\bukq8dkx0sjp
- C:\zlptdyhnx\bukq8dkx0sjp
- C:\zlptdyhnx\vcu2guso0xulh3n1o8m.exe
- C:\zlptdyhnx\kfgyirbxxt.exe
- C:\zlptdyhnx\vzmvlwdb.exe
- C:\zlptdyhnx\vcu2guso0xulh3n1o8m.exe
- %WINDIR%\zlptdyhnx\bukq8dkx0sjp
- %WINDIR%\zlptdyhnx\bukq8dkx0sjp
- '5.#.166.192':41199
- '10#.#02.79.27':36272
- '11#.#42.143.147':31567
- '18#.#45.182.189':37331
- '19#.#7.134.20':44965
- '86.##5.219.12':21375
- '20#.#7.225.58':33073
- '18#.#0.220.30':25741
- ClassName: 'Shell_TrayWnd' WindowName: ''