Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Task Builder Themes Windows Now' = 'C:\qloznibtuiqsb\loqktrmstr.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\AutoConfig NGEN Session Mapper] 'ImagePath' = 'C:\qloznibtuiqsb\loqktrmstr.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\AutoConfig NGEN Session Mapper] 'Start' = '00000002'
- 'C:\qloznibtuiqsb\ltsbfqaeswcz.exe' "c:\qloznibtuiqsb\loqktrmstr.exe"
- 'C:\qloznibtuiqsb\loqktrmstr.exe'
- 'C:\qloznibtuiqsb\ypwq2kg4vfdevi5w3c.exe'
- C:\qloznibtuiqsb\loqktrmstr.exe
- C:\qloznibtuiqsb\ltsbfqaeswcz.exe
- C:\qloznibtuiqsb\slipexeovsa
- %WINDIR%\qloznibtuiqsb\n19vqvun
- C:\qloznibtuiqsb\n19vqvun
- C:\qloznibtuiqsb\ypwq2kg4vfdevi5w3c.exe
- C:\qloznibtuiqsb\ltsbfqaeswcz.exe
- C:\qloznibtuiqsb\loqktrmstr.exe
- C:\qloznibtuiqsb\ypwq2kg4vfdevi5w3c.exe
- %WINDIR%\qloznibtuiqsb\n19vqvun
- %WINDIR%\qloznibtuiqsb\n19vqvun
- '18#.#21.242.79':46084
- '20#.#70.58.68':37727
- '73.##.228.84':36884
- '10#.#02.79.27':36272
- '79.##7.196.121':45688
- '77.##8.205.139':22969
- '2.##.19.50':35833
- '18#.#5.131.224':26337
- ClassName: 'Shell_TrayWnd' WindowName: ''