Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Presentation Peer Drive Framework ActiveX' = 'C:\wdgopayuylwn\hrsvjonxtgn.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Publication Image Browser Wired Shell Machine] 'ImagePath' = 'C:\wdgopayuylwn\hrsvjonxtgn.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Publication Image Browser Wired Shell Machine] 'Start' = '00000002'
- 'C:\wdgopayuylwn\migbqfpt.exe' "c:\wdgopayuylwn\hrsvjonxtgn.exe"
- 'C:\wdgopayuylwn\hrsvjonxtgn.exe'
- 'C:\wdgopayuylwn\ixxmj2h25jbwjblctzaw.exe'
- C:\wdgopayuylwn\hrsvjonxtgn.exe
- C:\wdgopayuylwn\migbqfpt.exe
- C:\wdgopayuylwn\f3hqghsba6nf
- %WINDIR%\wdgopayuylwn\pb5luzcuwz8q
- C:\wdgopayuylwn\pb5luzcuwz8q
- C:\wdgopayuylwn\ixxmj2h25jbwjblctzaw.exe
- C:\wdgopayuylwn\migbqfpt.exe
- C:\wdgopayuylwn\hrsvjonxtgn.exe
- C:\wdgopayuylwn\ixxmj2h25jbwjblctzaw.exe
- %WINDIR%\wdgopayuylwn\pb5luzcuwz8q
- %WINDIR%\wdgopayuylwn\pb5luzcuwz8q
- '78.#7.87.58':21017
- '91.##.35.122':26126
- '98.##.223.221':20922
- '15#.#82.245.137':33982
- '62.##.253.114':51156
- '21#.#65.0.136':35711
- '79.##3.139.198':21201
- '21#.#07.110.82':26314
- '95.##.58.101':23245
- '5.##.147.5':26337
- ClassName: 'Shell_TrayWnd' WindowName: ''