Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\UserMode Background Collector] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- 'C:\ityojgts\pyyvoynznx.exe' "c:\ityojgts\mndplcz.exe"
- 'C:\ityojgts\mndplcz.exe'
- 'C:\ityojgts\gvyif2bzifgm7itemkh.exe'
- C:\ityojgts\mndplcz.exe
- C:\ityojgts\pyyvoynznx.exe
- C:\ityojgts\jxaijzkod
- %WINDIR%\ityojgts\mbr6jfrkvg2
- C:\ityojgts\mbr6jfrkvg2
- C:\ityojgts\gvyif2bzifgm7itemkh.exe
- C:\ityojgts\pyyvoynznx.exe
- C:\ityojgts\mndplcz.exe
- C:\ityojgts\gvyif2bzifgm7itemkh.exe
- %WINDIR%\ityojgts\mbr6jfrkvg2
- DNS ASK ci#####testranger.net (здесь и далее символы '#', по-видимому, заменяют скрытую часть имени домена)
- DNS ASK pi####estranger.net
- DNS ASK pi####egoodbye.net
- DNS ASK pi####efortieth.net
- DNS ASK ci#####tegoodbye.net
- DNS ASK ci#####teadvance.net
- DNS ASK fi####fortieth.net
- DNS ASK th####goodbye.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK pi####eadvance.net
- DNS ASK th####fortieth.net
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows)