Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Gateway Level Visual Helper Wired' = '%APPDATA%\Roaming\psbetkgzhvyyiqv\mrwrsdqtbn.exe'
- '%APPDATA%\Roaming\psbetkgzhvyyiqv\mcezpnf.exe' "%APPDATA%\Roaming\psbetkgzhvyyiqv\mrwrsdqtbn.exe"
- '%APPDATA%\Roaming\psbetkgzhvyyiqv\mrwrsdqtbn.exe'
- %APPDATA%\Roaming\psbetkgzhvyyiqv\mrwrsdqtbn.xp
- %APPDATA%\Roaming\psbetkgzhvyyiqv\mcezpnf.exe
- %APPDATA%\Roaming\psbetkgzhvyyiqv\mrwrsdqtbn.exe
- %APPDATA%\Roaming\psbetkgzhvyyiqv\mcezpnf.exe
- %APPDATA%\Roaming\psbetkgzhvyyiqv\mrwrsdqtbn.exe
- DNS ASK re###ddried.net
- DNS ASK ca####narticle.net
- DNS ASK el####icdried.net
- DNS ASK el####icfifteen.net
- DNS ASK re####fifteen.net
- DNS ASK la####rticle.net
- DNS ASK ca####nfifteen.net
- DNS ASK la####ifteen.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK ca####nangry.net
- DNS ASK la###angry.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''