Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Background Tracking Parental SNMP DHCP' = 'C:\dfksquhcmngp\qpufzfoshs.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Server Debugger NGEN Adapter Auto] 'ImagePath' = 'C:\dfksquhcmngp\qpufzfoshs.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Server Debugger NGEN Adapter Auto] 'Start' = '00000002'
- 'C:\dfksquhcmngp\lgumrou.exe' "c:\dfksquhcmngp\qpufzfoshs.exe"
- 'C:\dfksquhcmngp\qpufzfoshs.exe'
- 'C:\dfksquhcmngp\iko2lzoatlwgwcgg2j.exe'
- C:\dfksquhcmngp\qpufzfoshs.exe
- C:\dfksquhcmngp\lgumrou.exe
- C:\dfksquhcmngp\udzojzdov9hd
- %WINDIR%\dfksquhcmngp\mwhzdfwlcm
- C:\dfksquhcmngp\mwhzdfwlcm
- C:\dfksquhcmngp\iko2lzoatlwgwcgg2j.exe
- C:\dfksquhcmngp\lgumrou.exe
- C:\dfksquhcmngp\qpufzfoshs.exe
- C:\dfksquhcmngp\iko2lzoatlwgwcgg2j.exe
- %WINDIR%\dfksquhcmngp\mwhzdfwlcm
- %WINDIR%\dfksquhcmngp\mwhzdfwlcm
- '81.##7.50.99':52074
- '79.##.202.44':23699
- '18#.2.4.92':44843
- '85.##.122.169':40540
- '37.##2.223.103':22969
- '19#.#62.66.148':52345
- '62.##.253.114':51156
- '24.##1.42.214':47782
- ClassName: 'Shell_TrayWnd' WindowName: ''