Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Font Health Connect Diagnostic Transaction' = 'C:\kghsnhlwtkdeq\jlyqgpiyx.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Media Firewall Studio Input Awareness CNG] 'ImagePath' = 'C:\kghsnhlwtkdeq\jlyqgpiyx.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Media Firewall Studio Input Awareness CNG] 'Start' = '00000002'
- 'C:\kghsnhlwtkdeq\ephungku.exe' "c:\kghsnhlwtkdeq\jlyqgpiyx.exe"
- 'C:\kghsnhlwtkdeq\jlyqgpiyx.exe'
- 'C:\kghsnhlwtkdeq\gpkt3khvlyzdozloo1f.exe'
- C:\kghsnhlwtkdeq\jlyqgpiyx.exe
- C:\kghsnhlwtkdeq\ephungku.exe
- C:\kghsnhlwtkdeq\fknwoxbwaou
- %WINDIR%\kghsnhlwtkdeq\f1qlfi
- C:\kghsnhlwtkdeq\f1qlfi
- C:\kghsnhlwtkdeq\gpkt3khvlyzdozloo1f.exe
- C:\kghsnhlwtkdeq\ephungku.exe
- C:\kghsnhlwtkdeq\jlyqgpiyx.exe
- C:\kghsnhlwtkdeq\gpkt3khvlyzdozloo1f.exe
- %WINDIR%\kghsnhlwtkdeq\f1qlfi
- %WINDIR%\kghsnhlwtkdeq\f1qlfi
- '95.##7.243.188':49038
- '18#.#5.131.224':26337
- '10#.#02.79.27':36272
- '19#.#45.26.50':31421
- '74.#5.64.25':22739
- '83.##0.248.151':23268
- '69.##1.140.58':36102
- '88.##.203.114':40413
- ClassName: 'Shell_TrayWnd' WindowName: ''