Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Net.Tcp Awareness Image Interface] 'Start' = '00000002'
- 'C:\bhlbihhdrn\kriproghden.exe' "c:\bhlbihhdrn\gukfnijgpxpw.exe"
- 'C:\bhlbihhdrn\gukfnijgpxpw.exe'
- 'C:\bhlbihhdrn\ceeldtbwwom73zzm.exe'
- C:\bhlbihhdrn\gukfnijgpxpw.exe
- C:\bhlbihhdrn\kriproghden.exe
- C:\bhlbihhdrn\kqpcjtdc
- %WINDIR%\bhlbihhdrn\olmeyz
- C:\bhlbihhdrn\olmeyz
- C:\bhlbihhdrn\ceeldtbwwom73zzm.exe
- C:\bhlbihhdrn\kriproghden.exe
- C:\bhlbihhdrn\gukfnijgpxpw.exe
- C:\bhlbihhdrn\ceeldtbwwom73zzm.exe
- %WINDIR%\bhlbihhdrn\olmeyz
- DNS ASK le####trouble.net
- DNS ASK he####strong.net
- DNS ASK he####trouble.net
- DNS ASK he####president.net
- DNS ASK le####president.net
- DNS ASK le####strong.net
- DNS ASK re#####president.net
- DNS ASK or####resident.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK re####ecaught.net
- DNS ASK or###caught.net
- ClassName: 'Shell_TrayWnd' WindowName: ''