Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Mapper Protection Biometric User-mode' = 'C:\jsymujyhp\tmcbtgrf.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Class Isolation Intelligent WMI] 'ImagePath' = 'C:\jsymujyhp\tmcbtgrf.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Class Isolation Intelligent WMI] 'Start' = '00000002'
- 'C:\jsymujyhp\vfmofxerdcik.exe' "c:\jsymujyhp\tmcbtgrf.exe"
- 'C:\jsymujyhp\tmcbtgrf.exe'
- 'C:\jsymujyhp\djh2wcictnlod8ipuy.exe'
- C:\jsymujyhp\tmcbtgrf.exe
- C:\jsymujyhp\vfmofxerdcik.exe
- C:\jsymujyhp\watncamagxy6
- %WINDIR%\jsymujyhp\hvrkbtvyy1s
- C:\jsymujyhp\hvrkbtvyy1s
- C:\jsymujyhp\djh2wcictnlod8ipuy.exe
- C:\jsymujyhp\vfmofxerdcik.exe
- C:\jsymujyhp\tmcbtgrf.exe
- C:\jsymujyhp\djh2wcictnlod8ipuy.exe
- %WINDIR%\jsymujyhp\hvrkbtvyy1s
- %WINDIR%\jsymujyhp\hvrkbtvyy1s
- '10#.#2.195.20':39160
- '17#.#40.117.149':27603
- '18#.#55.19.91':30767
- '2.##.19.50':35833
- '10#.#46.77.146':33927
- '24.##9.216.168':33794
- '80.##1.86.158':33631
- '18#.#55.237.75':28122
- ClassName: 'Shell_TrayWnd' WindowName: ''