Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Agent PnP-X Shadow Proxy Office' = 'C:\ptlxcgdatm\cyggqaqr.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Trap Compatibility Error WMI Certificate] 'ImagePath' = 'C:\ptlxcgdatm\cyggqaqr.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Trap Compatibility Error WMI Certificate] 'Start' = '00000002'
- 'C:\ptlxcgdatm\whdrvfhbef.exe' "c:\ptlxcgdatm\cyggqaqr.exe"
- 'C:\ptlxcgdatm\cyggqaqr.exe'
- 'C:\ptlxcgdatm\etz2oy0qbkujkryo.exe'
- C:\ptlxcgdatm\cyggqaqr.exe
- C:\ptlxcgdatm\whdrvfhbef.exe
- C:\ptlxcgdatm\ry2qseblkgez
- %WINDIR%\ptlxcgdatm\oiydcso
- C:\ptlxcgdatm\oiydcso
- C:\ptlxcgdatm\etz2oy0qbkujkryo.exe
- C:\ptlxcgdatm\whdrvfhbef.exe
- C:\ptlxcgdatm\cyggqaqr.exe
- C:\ptlxcgdatm\etz2oy0qbkujkryo.exe
- %WINDIR%\ptlxcgdatm\oiydcso
- %WINDIR%\ptlxcgdatm\oiydcso
- '79.##.202.44':23699
- '91.##.35.122':26126
- '21#.#19.80.21':36542
- '10#.#46.77.146':33927
- '18#.#55.19.91':30767
- '19#.#0.96.220':41884
- '24.##9.216.168':33794
- '17#.#50.138.208':20422
- ClassName: 'Shell_TrayWnd' WindowName: ''