Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Protected Software Connections Support PNRP' = 'C:\iizqnccycb\ezclnke.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Event Policy Device Studio] 'ImagePath' = 'C:\iizqnccycb\ezclnke.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Event Policy Device Studio] 'Start' = '00000002'
- 'C:\iizqnccycb\vktiqncmxph.exe' "c:\iizqnccycb\ezclnke.exe"
- 'C:\iizqnccycb\ezclnke.exe'
- 'C:\iizqnccycb\gp2negjuozqxt8v8x.exe'
- C:\iizqnccycb\ezclnke.exe
- C:\iizqnccycb\vktiqncmxph.exe
- C:\iizqnccycb\pdwwteanmtd
- %WINDIR%\iizqnccycb\pfrst8jkk
- C:\iizqnccycb\pfrst8jkk
- C:\iizqnccycb\gp2negjuozqxt8v8x.exe
- C:\iizqnccycb\vktiqncmxph.exe
- C:\iizqnccycb\ezclnke.exe
- C:\iizqnccycb\gp2negjuozqxt8v8x.exe
- %WINDIR%\iizqnccycb\pfrst8jkk
- %WINDIR%\iizqnccycb\pfrst8jkk
- '18#.#21.242.79':46084
- '41.#42.27.1':45860
- '81.##7.50.99':52074
- '18#.#39.143.239':37599
- '74.#5.64.25':22739
- '18#.#0.223.209':25741
- '62.##.253.114':51156
- '19#.#6.240.249':21875
- ClassName: 'Shell_TrayWnd' WindowName: ''