Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Experience Visual PNRP PnP-X Agent IKE Copy' = 'C:\xnbgbjkpkylqu\cshcjnho.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Experience Level Session Cache] 'ImagePath' = 'C:\xnbgbjkpkylqu\cshcjnho.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Experience Level Session Cache] 'Start' = '00000002'
- 'C:\xnbgbjkpkylqu\xqodngqiup.exe' "c:\xnbgbjkpkylqu\cshcjnho.exe"
- 'C:\xnbgbjkpkylqu\cshcjnho.exe'
- 'C:\xnbgbjkpkylqu\nuaq3a14aegaxdeh.exe'
- C:\xnbgbjkpkylqu\cshcjnho.exe
- C:\xnbgbjkpkylqu\xqodngqiup.exe
- C:\xnbgbjkpkylqu\srymbt
- %WINDIR%\xnbgbjkpkylqu\cifvskmshm
- C:\xnbgbjkpkylqu\cifvskmshm
- C:\xnbgbjkpkylqu\nuaq3a14aegaxdeh.exe
- C:\xnbgbjkpkylqu\xqodngqiup.exe
- C:\xnbgbjkpkylqu\cshcjnho.exe
- C:\xnbgbjkpkylqu\nuaq3a14aegaxdeh.exe
- %WINDIR%\xnbgbjkpkylqu\cifvskmshm
- %WINDIR%\xnbgbjkpkylqu\cifvskmshm
- '10#.#02.79.27':36272
- '78.##5.171.93':23699
- '86.#8.69.58':22437
- '93.##7.67.155':25640
- '91.##.35.122':26126
- '77.##8.205.139':22969
- '10#.#4.136.243':42581
- '18#.#23.70.113':37727
- '18#.#39.139.100':37599
- '18#.#38.249.34':37331
- ClassName: 'Shell_TrayWnd' WindowName: ''