Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Workstation Smart Event Logon' = 'C:\wztwycpveamnvt\gtzarfnytj.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Identity Adapter Counter] 'ImagePath' = 'C:\wztwycpveamnvt\gtzarfnytj.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Identity Adapter Counter] 'Start' = '00000002'
- 'C:\wztwycpveamnvt\jvcbqndicakm.exe' "c:\wztwycpveamnvt\gtzarfnytj.exe"
- 'C:\wztwycpveamnvt\gtzarfnytj.exe'
- 'C:\wztwycpveamnvt\flfd36lvfwbovi4emtooe.exe'
- C:\wztwycpveamnvt\gtzarfnytj.exe
- C:\wztwycpveamnvt\jvcbqndicakm.exe
- C:\wztwycpveamnvt\nqtmkuqctlw
- %WINDIR%\wztwycpveamnvt\yokqsieum1dz
- C:\wztwycpveamnvt\yokqsieum1dz
- C:\wztwycpveamnvt\flfd36lvfwbovi4emtooe.exe
- C:\wztwycpveamnvt\jvcbqndicakm.exe
- C:\wztwycpveamnvt\gtzarfnytj.exe
- C:\wztwycpveamnvt\flfd36lvfwbovi4emtooe.exe
- %WINDIR%\wztwycpveamnvt\yokqsieum1dz
- %WINDIR%\wztwycpveamnvt\yokqsieum1dz
- '19#.#6.240.249':21875
- '20#.#7.225.58':33073
- '77.##8.205.139':22969
- '12#.#60.123.173':36805
- '10#.#28.239.221':49777
- '77.##7.13.68':30018
- '18#.#39.143.239':37599
- '10#.#25.112.152':47507
- ClassName: 'Shell_TrayWnd' WindowName: ''