Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HomeGroup Telephony Storage' = 'C:\xrvxsqbtnvymy\ioxjhwp.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Endpoint Machine Control Print COM+ Connectivity] 'ImagePath' = 'C:\xrvxsqbtnvymy\ioxjhwp.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Endpoint Machine Control Print COM+ Connectivity] 'Start' = '00000002'
- 'C:\xrvxsqbtnvymy\iotvvdc.exe' "c:\xrvxsqbtnvymy\ioxjhwp.exe"
- 'C:\xrvxsqbtnvymy\ioxjhwp.exe'
- 'C:\xrvxsqbtnvymy\xkix52jaglowhfwcbcu.exe'
- C:\xrvxsqbtnvymy\ioxjhwp.exe
- C:\xrvxsqbtnvymy\iotvvdc.exe
- C:\xrvxsqbtnvymy\o7nluv
- %WINDIR%\xrvxsqbtnvymy\c9mlqkz6nla
- C:\xrvxsqbtnvymy\c9mlqkz6nla
- C:\xrvxsqbtnvymy\xkix52jaglowhfwcbcu.exe
- C:\xrvxsqbtnvymy\iotvvdc.exe
- C:\xrvxsqbtnvymy\ioxjhwp.exe
- C:\xrvxsqbtnvymy\xkix52jaglowhfwcbcu.exe
- %WINDIR%\xrvxsqbtnvymy\c9mlqkz6nla
- %WINDIR%\xrvxsqbtnvymy\c9mlqkz6nla
- '19#.#54.74.242':31770
- '98.##0.152.114':48605
- '18#.#45.182.189':37331
- '10#.#2.195.20':39160
- '20#.#11.99.94':37369
- '79.##5.10.236':21201
- '87.##6.160.36':41347
- '93.##7.67.155':25640
- ClassName: 'Shell_TrayWnd' WindowName: ''