Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Ordering Assistant Adapter BitLocker Player] 'Start' = '00000002'
- 'C:\qsysbuany\tmpmcjl.exe' "c:\qsysbuany\orvbnhncsda.exe"
- 'C:\qsysbuany\orvbnhncsda.exe'
- 'C:\qsysbuany\e4jf9f0hlqhuab6kloco.exe'
- C:\qsysbuany\orvbnhncsda.exe
- C:\qsysbuany\tmpmcjl.exe
- C:\qsysbuany\nzzophwuq
- %WINDIR%\qsysbuany\zv3pehxgz
- C:\qsysbuany\zv3pehxgz
- C:\qsysbuany\e4jf9f0hlqhuab6kloco.exe
- C:\qsysbuany\tmpmcjl.exe
- C:\qsysbuany\orvbnhncsda.exe
- C:\qsysbuany\e4jf9f0hlqhuab6kloco.exe
- %WINDIR%\qsysbuany\zv3pehxgz
- DNS ASK ch####resident.net
- DNS ASK co####etrouble.net
- DNS ASK co#####president.net
- DNS ASK co####ecaught.net
- DNS ASK ch###caught.net
- DNS ASK ch####rouble.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK th###caught.net
- DNS ASK pr####tcaught.net
- DNS ASK co####estrong.net
- DNS ASK ch###strong.net
- ClassName: 'Shell_TrayWnd' WindowName: ''