Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'User Enumerator Machine Routing Peer' = 'C:\ddjbosfszsyd\pjgocygibpn.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\File TPM Shell Firewall Location Agent] 'ImagePath' = 'C:\ddjbosfszsyd\pjgocygibpn.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\File TPM Shell Firewall Location Agent] 'Start' = '00000002'
- 'C:\ddjbosfszsyd\dlsvsllpumnr.exe' "c:\ddjbosfszsyd\pjgocygibpn.exe"
- 'C:\ddjbosfszsyd\pjgocygibpn.exe'
- 'C:\ddjbosfszsyd\ekvx2g6hipwtbhisiq.exe'
- C:\ddjbosfszsyd\pjgocygibpn.exe
- C:\ddjbosfszsyd\dlsvsllpumnr.exe
- C:\ddjbosfszsyd\yqlxezyggqt
- %WINDIR%\ddjbosfszsyd\kpfqaq3
- C:\ddjbosfszsyd\kpfqaq3
- C:\ddjbosfszsyd\ekvx2g6hipwtbhisiq.exe
- C:\ddjbosfszsyd\dlsvsllpumnr.exe
- C:\ddjbosfszsyd\pjgocygibpn.exe
- C:\ddjbosfszsyd\ekvx2g6hipwtbhisiq.exe
- %WINDIR%\ddjbosfszsyd\kpfqaq3
- %WINDIR%\ddjbosfszsyd\kpfqaq3
- '21#.#65.0.136':35711
- '41.##2.44.224':45860
- '74.#5.64.25':22739
- '88.#48.36.4':25752
- '93.##7.67.155':25640
- '41.##8.41.238':29356
- '78.##5.171.93':23699
- '20#.#95.172.22':41884
- '87.##.238.184':44724
- '10#.#46.77.146':33927
- '87.##.38.225':33631
- ClassName: 'Shell_TrayWnd' WindowName: ''