Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Profile File Launcher Auto-Discovery Connect] 'Start' = '00000002'
- 'C:\nbodawxh\rhausjzdywdb.exe' "c:\nbodawxh\iuhddtziinhf.exe"
- 'C:\nbodawxh\iuhddtziinhf.exe'
- 'C:\nbodawxh\yp8cavpcyqoxyvcfvj.exe'
- '<SYSTEM32>\wermgr.exe' "-queuereporting_svc" "C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_iuhddtziinhf.exe_89fb1041127e30d52bb982f2e8c0136a6f52dee_cab_1a5e37d1"
- C:\nbodawxh\iuhddtziinhf.exe
- C:\nbodawxh\rhausjzdywdb.exe
- C:\nbodawxh\bysrmgfj
- %WINDIR%\nbodawxh\fblucxwpcg
- C:\nbodawxh\fblucxwpcg
- C:\nbodawxh\yp8cavpcyqoxyvcfvj.exe
- C:\nbodawxh\rhausjzdywdb.exe
- C:\nbodawxh\iuhddtziinhf.exe
- C:\nbodawxh\yp8cavpcyqoxyvcfvj.exe
- %WINDIR%\nbodawxh\fblucxwpcg
- C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_iuhddtziinhf.exe_89fb1041127e30d52bb982f2e8c0136a6f52dee_cab_1a5e37d1\Report.wer.tmp в C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_iuhddtziinhf.exe_89fb1041127e30d52bb982f2e8c0136a6f52dee_cab_1a5e37d1\Report.wer
- DNS ASK se####neither.net
- DNS ASK qu####either.net
- DNS ASK se####system.net
- DNS ASK qu###system.net
- DNS ASK se###nhonor.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK fl###trust.net
- DNS ASK qu###honor.net
- DNS ASK br###trust.net
- ClassName: 'Shell_TrayWnd' WindowName: ''