Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Coordinator Ordering Multimedia Card' = 'C:\olfrrszzomtaxjv\prhqxqgrkrso.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Firewall NetBIOS Input Defragmenter Remote Group] 'ImagePath' = 'C:\olfrrszzomtaxjv\prhqxqgrkrso.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Firewall NetBIOS Input Defragmenter Remote Group] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- 'C:\olfrrszzomtaxjv\silrjkn.exe' "c:\olfrrszzomtaxjv\prhqxqgrkrso.exe"
- 'C:\olfrrszzomtaxjv\prhqxqgrkrso.exe'
- 'C:\olfrrszzomtaxjv\rlnfb2utelaedh7yhiel.exe'
- C:\olfrrszzomtaxjv\prhqxqgrkrso.exe
- C:\olfrrszzomtaxjv\silrjkn.exe
- C:\olfrrszzomtaxjv\xp3lztuf
- %WINDIR%\olfrrszzomtaxjv\xmjppxw
- C:\olfrrszzomtaxjv\xmjppxw
- C:\olfrrszzomtaxjv\rlnfb2utelaedh7yhiel.exe
- C:\olfrrszzomtaxjv\silrjkn.exe
- C:\olfrrszzomtaxjv\prhqxqgrkrso.exe
- C:\olfrrszzomtaxjv\rlnfb2utelaedh7yhiel.exe
- %WINDIR%\olfrrszzomtaxjv\xmjppxw
- %WINDIR%\olfrrszzomtaxjv\xmjppxw
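- '21#.#19.80.21':36542 (в этом и следующих адресах символ '#', по-видимому, заменяет цифры, скрытые источником; для сопоставления с сетевыми журналами эти значения неполны)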
- '18#.#42.107.86':26662
- '2.##.167.151':22437
- '19#.#62.66.148':52345
- '17#.#40.117.149':27603
- '18#.#55.237.75':28122
- '81.##7.50.99':52074
- '92.##7.78.237':47427
- ClassName: 'Shell_TrayWnd' WindowName: ''