Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Thread Registry NGEN Network Themes Routing' = 'C:\znmmxwtc\ucojaekbljh.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Firewall Function Service User Transfer] 'ImagePath' = 'C:\znmmxwtc\ucojaekbljh.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Firewall Function Service User Transfer] 'Start' = '00000002'
- 'C:\znmmxwtc\naoesdiedlrq.exe' "c:\znmmxwtc\ucojaekbljh.exe"
- 'C:\znmmxwtc\ucojaekbljh.exe'
- 'C:\znmmxwtc\ingo2iioa2onla6jez.exe'
- C:\znmmxwtc\ucojaekbljh.exe
- C:\znmmxwtc\naoesdiedlrq.exe
- C:\znmmxwtc\gbs8kt
- %WINDIR%\znmmxwtc\gtkqnzd
- C:\znmmxwtc\gtkqnzd
- C:\znmmxwtc\ingo2iioa2onla6jez.exe
- C:\znmmxwtc\naoesdiedlrq.exe
- C:\znmmxwtc\ucojaekbljh.exe
- C:\znmmxwtc\ingo2iioa2onla6jez.exe
- %WINDIR%\znmmxwtc\gtkqnzd
- %WINDIR%\znmmxwtc\gtkqnzd
- '24.##1.42.214':47782
- '11#.#6.137.96':49919
- '18#.#22.45.37':46084
- '19#.#0.41.168':43832
- '19#.#7.134.20':44965
- '62.##.253.114':51156
- '10#.#56.58.121':45860
- '5.#.166.192':41199
- ClassName: 'Shell_TrayWnd' WindowName: ''