Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Config Link-Layer IKE Registry' = '%APPDATA%\Roaming\vptptfusrsga\ojhphnajytzr.exe'
- '%APPDATA%\Roaming\vptptfusrsga\gsavapm.exe' "%APPDATA%\Roaming\vptptfusrsga\ojhphnajytzr.exe"
- '%APPDATA%\Roaming\vptptfusrsga\ojhphnajytzr.exe'
- %APPDATA%\Roaming\vptptfusrsga\ojhphnajytzr.cmm
- %APPDATA%\Roaming\vptptfusrsga\gsavapm.exe
- %APPDATA%\Roaming\vptptfusrsga\ojhphnajytzr.exe
- %APPDATA%\Roaming\vptptfusrsga\ojhphnajytzr.exe
- DNS ASK pe####charge.net
- DNS ASK ma####esingle.net
- DNS ASK ma####echarge.net
- DNS ASK ma#####difference.net
- DNS ASK pe#####ifference.net
- DNS ASK pe####single.net
- DNS ASK be#####difference.net
- DNS ASK ex#####ifference.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK be####eevery.net
- DNS ASK ex###tevery.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''