Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Coordinator Browser Access Socket Plug' = 'C:\mnsmqqxw\ewzuavsymbg.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Problem AuthIP WinHTTP Cache] 'ImagePath' = 'C:\mnsmqqxw\ewzuavsymbg.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Problem AuthIP WinHTTP Cache] 'Start' = '00000002'
- 'C:\mnsmqqxw\lhkobwv.exe' "c:\mnsmqqxw\ewzuavsymbg.exe"
- 'C:\mnsmqqxw\ewzuavsymbg.exe'
- 'C:\mnsmqqxw\swl2q8grevko52ugw.exe'
- C:\mnsmqqxw\ewzuavsymbg.exe
- C:\mnsmqqxw\lhkobwv.exe
- C:\mnsmqqxw\clhnefyvt
- %WINDIR%\mnsmqqxw\pehmvlazp
- C:\mnsmqqxw\pehmvlazp
- C:\mnsmqqxw\swl2q8grevko52ugw.exe
- C:\mnsmqqxw\lhkobwv.exe
- C:\mnsmqqxw\ewzuavsymbg.exe
- C:\mnsmqqxw\swl2q8grevko52ugw.exe
- %WINDIR%\mnsmqqxw\pehmvlazp
- %WINDIR%\mnsmqqxw\pehmvlazp
- '18#.#45.182.189':37331
- '62.##.253.114':51156
- '18#.#55.235.72':28122
- '10#.#4.136.243':42581
- '93.##7.67.155':25640
- '2.##.167.151':22437
- '91.##.35.122':26126
- '80.##1.86.158':33631
- ClassName: 'Shell_TrayWnd' WindowName: ''