Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Block Window Compatibility Event Modules Card' = 'C:\vpqpzbty\msgcchhe.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Visual Search Discovery Upgrade IP Endpoint] 'ImagePath' = 'C:\vpqpzbty\msgcchhe.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Visual Search Discovery Upgrade IP Endpoint] 'Start' = '00000002'
- 'C:\vpqpzbty\txqxstqjrwgn.exe' "c:\vpqpzbty\msgcchhe.exe"
- 'C:\vpqpzbty\msgcchhe.exe'
- 'C:\vpqpzbty\iipjd2weomgra4mnbodq.exe'
- C:\vpqpzbty\msgcchhe.exe
- C:\vpqpzbty\txqxstqjrwgn.exe
- C:\vpqpzbty\j0chgc
- %WINDIR%\vpqpzbty\qzg0rilnjppw
- C:\vpqpzbty\qzg0rilnjppw
- C:\vpqpzbty\iipjd2weomgra4mnbodq.exe
- C:\vpqpzbty\txqxstqjrwgn.exe
- C:\vpqpzbty\msgcchhe.exe
- C:\vpqpzbty\iipjd2weomgra4mnbodq.exe
- %WINDIR%\vpqpzbty\qzg0rilnjppw
- %WINDIR%\vpqpzbty\qzg0rilnjppw
- '92.##7.78.237':47427
- '84.##8.130.85':27132
- '18#.#0.220.30':25741
- '98.##0.152.114':48605
- '62.##1.108.194':20068
- '22#.#1.110.45':48008
- '79.##.202.44':23699
- '20#.#71.22.221':32994
- ClassName: 'Shell_TrayWnd' WindowName: ''