Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Encryption Network Link Class' = 'C:\aemiilcwldlakc\tcwiyqmvn.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\UPnP System Layer SPP WWAN Wired] 'ImagePath' = 'C:\aemiilcwldlakc\tcwiyqmvn.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\UPnP System Layer SPP WWAN Wired] 'Start' = '00000002'
- 'C:\aemiilcwldlakc\ziikrvfcl.exe' "c:\aemiilcwldlakc\tcwiyqmvn.exe"
- 'C:\aemiilcwldlakc\tcwiyqmvn.exe'
- 'C:\aemiilcwldlakc\af2t3eacrihwpsudfhev.exe'
- C:\aemiilcwldlakc\tcwiyqmvn.exe
- C:\aemiilcwldlakc\ziikrvfcl.exe
- C:\aemiilcwldlakc\eru2godp
- %WINDIR%\aemiilcwldlakc\xmuvts4dj
- C:\aemiilcwldlakc\xmuvts4dj
- C:\aemiilcwldlakc\af2t3eacrihwpsudfhev.exe
- C:\aemiilcwldlakc\ziikrvfcl.exe
- C:\aemiilcwldlakc\tcwiyqmvn.exe
- C:\aemiilcwldlakc\af2t3eacrihwpsudfhev.exe
- %WINDIR%\aemiilcwldlakc\xmuvts4dj
- %WINDIR%\aemiilcwldlakc\xmuvts4dj
- '10#.#67.38.149':20466
- '2.##.156.247':35711
- '18#.#07.197.116':24498
- '92.##7.45.207':21921
- '86.##5.10.227':45279
- '18#.#5.131.224':26337
- '77.##.186.45':43519
- '2.##.19.50':35833
- ClassName: 'Shell_TrayWnd' WindowName: ''