Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Extender Service Portable Background Cache' = 'C:\ehwdgetwzqnwqx\edpsijgbccow.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\IP Smart Plug Location Reports Themes] 'ImagePath' = 'C:\ehwdgetwzqnwqx\edpsijgbccow.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\IP Smart Plug Location Reports Themes] 'Start' = '00000002'
- 'C:\ehwdgetwzqnwqx\zkkypuokj.exe' "c:\ehwdgetwzqnwqx\edpsijgbccow.exe"
- 'C:\ehwdgetwzqnwqx\edpsijgbccow.exe'
- 'C:\ehwdgetwzqnwqx\eawtn2vz2vewihqtxs7i0.exe'
- C:\ehwdgetwzqnwqx\edpsijgbccow.exe
- C:\ehwdgetwzqnwqx\zkkypuokj.exe
- C:\ehwdgetwzqnwqx\sephrkwq
- %WINDIR%\ehwdgetwzqnwqx\zgjtdlf
- C:\ehwdgetwzqnwqx\zgjtdlf
- C:\ehwdgetwzqnwqx\eawtn2vz2vewihqtxs7i0.exe
- C:\ehwdgetwzqnwqx\zkkypuokj.exe
- C:\ehwdgetwzqnwqx\edpsijgbccow.exe
- C:\ehwdgetwzqnwqx\eawtn2vz2vewihqtxs7i0.exe
- %WINDIR%\ehwdgetwzqnwqx\zgjtdlf
- %WINDIR%\ehwdgetwzqnwqx\zgjtdlf
- '20#.#7.225.58':33073
- '18#.#23.70.113':37727
- '10#.#46.77.146':33927
- '81.##4.87.112':37714
- '19#.#7.134.20':44965
- '24.##9.216.168':33794
- '98.##.223.221':20922
- '31.##7.83.237':44843
- '11#.#18.187.28':42065
- '12#.#60.123.173':36805
- '2.##.19.50':35833
- '87.##.38.225':33631
- ClassName: 'Shell_TrayWnd' WindowName: ''