Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Procedure Isolation Configuration Drive' = 'C:\pqunxnv\ythqfvqatmzn.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Identity Server Brightness IP] 'ImagePath' = 'C:\pqunxnv\ythqfvqatmzn.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Identity Server Brightness IP] 'Start' = '00000002'
- 'C:\pqunxnv\lmeowkce.exe' "c:\pqunxnv\ythqfvqatmzn.exe"
- 'C:\pqunxnv\ythqfvqatmzn.exe'
- 'C:\pqunxnv\kqf3fraedydbofbcxs.exe'
- C:\pqunxnv\ythqfvqatmzn.exe
- C:\pqunxnv\lmeowkce.exe
- C:\pqunxnv\qgltjd3kputm
- %WINDIR%\pqunxnv\vtxk8gszgf2i
- C:\pqunxnv\vtxk8gszgf2i
- C:\pqunxnv\kqf3fraedydbofbcxs.exe
- C:\pqunxnv\lmeowkce.exe
- C:\pqunxnv\ythqfvqatmzn.exe
- C:\pqunxnv\kqf3fraedydbofbcxs.exe
- %WINDIR%\pqunxnv\vtxk8gszgf2i
- %WINDIR%\pqunxnv\vtxk8gszgf2i
- '11#.#42.143.147':31567
- '83.##0.248.151':23268
- '17#.#40.117.149':27603
- '21#.#19.80.21':36542
- '82.##7.164.91':40801
- '19#.#54.74.242':31770
- '87.##.238.184':44724
- '62.##.253.114':51156
- ClassName: 'Shell_TrayWnd' WindowName: ''