Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Locator Performance Play Backup' = 'C:\wxfqughjmbt\cjceeui.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Tracking Call Trap Modules Secure User-mode] 'ImagePath' = 'C:\wxfqughjmbt\cjceeui.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Tracking Call Trap Modules Secure User-mode] 'Start' = '00000002'
- 'C:\wxfqughjmbt\unvyolrjiazw.exe' "c:\wxfqughjmbt\cjceeui.exe"
- 'C:\wxfqughjmbt\cjceeui.exe'
- 'C:\wxfqughjmbt\vo2emhzqwe0xhdvwc.exe'
- C:\wxfqughjmbt\cjceeui.exe
- C:\wxfqughjmbt\unvyolrjiazw.exe
- C:\wxfqughjmbt\alqgof6c
- %WINDIR%\wxfqughjmbt\tu4yl01dvbz
- C:\wxfqughjmbt\tu4yl01dvbz
- C:\wxfqughjmbt\vo2emhzqwe0xhdvwc.exe
- C:\wxfqughjmbt\unvyolrjiazw.exe
- C:\wxfqughjmbt\cjceeui.exe
- C:\wxfqughjmbt\vo2emhzqwe0xhdvwc.exe
- %WINDIR%\wxfqughjmbt\tu4yl01dvbz
- %WINDIR%\wxfqughjmbt\tu4yl01dvbz
- '78.#7.87.58':21017
- '10#.#24.230.242':49777
- '94.##1.114.138':44254
- '78.##5.171.93':23699
- '18#.#42.145.105':26662
- '20#.#7.225.58':33073
- '18#.#38.249.34':37331
- '81.##4.87.112':37714
- '87.##.238.184':44724
- '20#.#23.152.97':27682
- '84.##8.128.25':27132
- ClassName: 'Shell_TrayWnd' WindowName: ''