Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'CardSpace ActiveX Logon' = 'C:\lslecjkxqjyyver\buzcuyvbvkzc.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Machine Presentation iSCSI Accounts Network] 'ImagePath' = 'C:\lslecjkxqjyyver\buzcuyvbvkzc.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Machine Presentation iSCSI Accounts Network] 'Start' = '00000002'
- 'C:\lslecjkxqjyyver\eqzspxay.exe' "c:\lslecjkxqjyyver\buzcuyvbvkzc.exe"
- 'C:\lslecjkxqjyyver\buzcuyvbvkzc.exe'
- 'C:\lslecjkxqjyyver\ihi2pb1oohrrfdxss.exe'
- C:\lslecjkxqjyyver\buzcuyvbvkzc.exe
- C:\lslecjkxqjyyver\eqzspxay.exe
- C:\lslecjkxqjyyver\liefqsxr
- %WINDIR%\lslecjkxqjyyver\kbe2dvv
- C:\lslecjkxqjyyver\kbe2dvv
- C:\lslecjkxqjyyver\ihi2pb1oohrrfdxss.exe
- C:\lslecjkxqjyyver\eqzspxay.exe
- C:\lslecjkxqjyyver\buzcuyvbvkzc.exe
- C:\lslecjkxqjyyver\ihi2pb1oohrrfdxss.exe
- %WINDIR%\lslecjkxqjyyver\kbe2dvv
- %WINDIR%\lslecjkxqjyyver\kbe2dvv
- '18#.#50.153.254':32097
- '31.##7.83.237':44843
- '20#.#23.152.97':27682
- '41.##8.41.238':29356
- '86.#8.69.58':22437
- '70.##2.38.96':41500
- '21#.#65.0.136':35711
- '17#.#50.138.208':20422
- '11#.#6.137.96':49919
- '10#.#46.77.146':33927
- ClassName: 'Shell_TrayWnd' WindowName: ''