Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Compatibility Defender Telephony Shell' = 'C:\mmiqaaovlpzm\vvpudweztf.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Certificate Power Builder] 'ImagePath' = 'C:\mmiqaaovlpzm\vvpudweztf.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Certificate Power Builder] 'Start' = '00000002'
- 'C:\mmiqaaovlpzm\bqvaebzyvdo.exe' "c:\mmiqaaovlpzm\vvpudweztf.exe"
- 'C:\mmiqaaovlpzm\vvpudweztf.exe'
- 'C:\mmiqaaovlpzm\ue5573bwjgomocq.exe'
- C:\mmiqaaovlpzm\vvpudweztf.exe
- C:\mmiqaaovlpzm\bqvaebzyvdo.exe
- C:\mmiqaaovlpzm\z7itez
- %WINDIR%\mmiqaaovlpzm\nfsctulb
- C:\mmiqaaovlpzm\nfsctulb
- C:\mmiqaaovlpzm\ue5573bwjgomocq.exe
- C:\mmiqaaovlpzm\bqvaebzyvdo.exe
- C:\mmiqaaovlpzm\vvpudweztf.exe
- C:\mmiqaaovlpzm\ue5573bwjgomocq.exe
- %WINDIR%\mmiqaaovlpzm\nfsctulb
- %WINDIR%\mmiqaaovlpzm\nfsctulb
- '21#.#07.110.82':26314
- '5.##.147.5':26337
- '86.##5.19.130':27743
- '79.##7.196.121':45688
- '94.##1.114.138':44254
- '79.##3.139.198':21201
- '18#.#39.139.100':37599
- '22#.#1.110.45':48008
- '10#.#46.77.146':33927
- '72.##1.207.62':22399
- ClassName: 'Shell_TrayWnd' WindowName: ''