Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Spooler Smart Propagation COM List] 'Start' = '00000002'
- 'C:\jvkdlckxgo\kbepcwoighrp.exe' "c:\jvkdlckxgo\hmedsgcpesf.exe"
- 'C:\jvkdlckxgo\hmedsgcpesf.exe'
- 'C:\jvkdlckxgo\ox8cbalpwylvytbxj.exe'
- C:\jvkdlckxgo\hmedsgcpesf.exe
- C:\jvkdlckxgo\kbepcwoighrp.exe
- C:\jvkdlckxgo\owabbt
- %WINDIR%\jvkdlckxgo\t3njfqnu
- C:\jvkdlckxgo\t3njfqnu
- C:\jvkdlckxgo\ox8cbalpwylvytbxj.exe
- C:\jvkdlckxgo\kbepcwoighrp.exe
- C:\jvkdlckxgo\hmedsgcpesf.exe
- C:\jvkdlckxgo\ox8cbalpwylvytbxj.exe
- %WINDIR%\jvkdlckxgo\t3njfqnu
- DNS ASK qu###always.net
- DNS ASK se###nanger.net
- DNS ASK se####always.net
- DNS ASK se####forest.net
- DNS ASK qu###forest.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK br###forest.net
- DNS ASK qu###wheat.net
- DNS ASK qu###anger.net
- DNS ASK se###nwheat.net
- ClassName: 'Shell_TrayWnd' WindowName: ''