Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Internet Counter Acquisition Upgrade Host' = 'C:\jrjhocprf\kwclamk.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Human Power Store Virtual] 'ImagePath' = 'C:\jrjhocprf\kwclamk.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Human Power Store Virtual] 'Start' = '00000002'
- 'C:\jrjhocprf\nwdpsytzv.exe' "c:\jrjhocprf\kwclamk.exe"
- 'C:\jrjhocprf\kwclamk.exe'
- 'C:\jrjhocprf\aw3fdurmhazq7wpz.exe'
- C:\jrjhocprf\kwclamk.exe
- C:\jrjhocprf\nwdpsytzv.exe
- C:\jrjhocprf\ifjovss
- %WINDIR%\jrjhocprf\dqzmxu8ri
- C:\jrjhocprf\dqzmxu8ri
- C:\jrjhocprf\aw3fdurmhazq7wpz.exe
- C:\jrjhocprf\nwdpsytzv.exe
- C:\jrjhocprf\kwclamk.exe
- C:\jrjhocprf\aw3fdurmhazq7wpz.exe
- %WINDIR%\jrjhocprf\dqzmxu8ri
- %WINDIR%\jrjhocprf\dqzmxu8ri
- '10#.#25.112.152':47507
- '24.##1.42.214':47782
- '11#.#18.187.28':42065
- '18#.#45.182.189':37331
- '98.##0.152.114':48605
- '2.##.156.247':35711
- '19#.#62.66.148':52345
- '83.##0.248.151':23268
- ClassName: 'Shell_TrayWnd' WindowName: ''