Техническая информация
Записи реестра, обеспечивающие автозапуск: параметр в ключе Run и служба с автоматическим запуском ('Start' = 2); обе записи указывают на один и тот же файл C:\keidjpl\omzfsvm.exe:
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Desktop RPC Driver Browser Builder Copy' = 'C:\keidjpl\omzfsvm.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Socket Scheduler DNS Function Routing Shadow TP] 'ImagePath' = 'C:\keidjpl\omzfsvm.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Socket Scheduler DNS Function Routing Shadow TP] 'Start' = '00000002'
- 'C:\keidjpl\awlsrezbehcc.exe' "c:\keidjpl\omzfsvm.exe"
- 'C:\keidjpl\omzfsvm.exe'
- 'C:\keidjpl\im2oujwccwapkwq8lkv.exe'
- C:\keidjpl\omzfsvm.exe
- C:\keidjpl\awlsrezbehcc.exe
- C:\keidjpl\fbjhm1x7icvw
- %WINDIR%\keidjpl\whbpvc9
- C:\keidjpl\whbpvc9
- C:\keidjpl\im2oujwccwapkwq8lkv.exe
- C:\keidjpl\awlsrezbehcc.exe
- C:\keidjpl\omzfsvm.exe
- C:\keidjpl\im2oujwccwapkwq8lkv.exe
- %WINDIR%\keidjpl\whbpvc9
- %WINDIR%\keidjpl\whbpvc9
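Сетевые адреса в формате 'IP':порт. Часть цифр в адресах заменена символом «#», поэтому для точного сопоставления (списки блокировки, поиск по журналам) в таком виде они непригодны:
- '84.##2.194.230':27426
- '70.##5.4.143':41500
- '21#.#7.168.28':52231
- '22#.#1.110.45':48008
- '10#.#02.79.27':36272
- '18#.#45.182.189':37331
- '12#.#60.112.138':27440
- '72.##1.47.203':22399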
- ClassName: 'Shell_TrayWnd' WindowName: ''