Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Audio Adaptive PC RPC Firewall] 'Start' = '00000002'
- 'C:\ntimrdm\tyfbfzvsttdv.exe' "c:\ntimrdm\natrbuj.exe"
- 'C:\ntimrdm\natrbuj.exe'
- 'C:\ntimrdm\ywnc7zt2j4cxnybg9fl.exe'
- C:\ntimrdm\natrbuj.exe
- C:\ntimrdm\tyfbfzvsttdv.exe
- C:\ntimrdm\mrsjlueme
- %WINDIR%\ntimrdm\hjxyobgcdmbg
- C:\ntimrdm\hjxyobgcdmbg
- C:\ntimrdm\ywnc7zt2j4cxnybg9fl.exe
- C:\ntimrdm\tyfbfzvsttdv.exe
- C:\ntimrdm\natrbuj.exe
- C:\ntimrdm\ywnc7zt2j4cxnybg9fl.exe
- %WINDIR%\ntimrdm\hjxyobgcdmbg
- DNS ASK ra####consider.net
- DNS ASK mo####gfancy.net
- DNS ASK mo####gconsider.net
- DNS ASK mo####gfriend.net
- DNS ASK ra####friend.net
- DNS ASK ra###rfancy.net
- DNS ASK tw####friend.net
- DNS ASK mi####friend.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK mo####glaughter.net
- DNS ASK ra####laughter.net
- ClassName: 'Shell_TrayWnd' WindowName: ''