Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\WinHTTP Application COM Authentication] 'Start' = '00000002'
- 'C:\dcapklnzucatl\nlekocec.exe' "c:\dcapklnzucatl\jiiejav.exe"
- 'C:\dcapklnzucatl\jiiejav.exe'
- 'C:\dcapklnzucatl\tc8taqupandvxi4awng.exe'
- C:\dcapklnzucatl\jiiejav.exe
- C:\dcapklnzucatl\nlekocec.exe
- C:\dcapklnzucatl\phcpizt
- %WINDIR%\dcapklnzucatl\obkocawzrzfg
- C:\dcapklnzucatl\obkocawzrzfg
- C:\dcapklnzucatl\tc8taqupandvxi4awng.exe
- C:\dcapklnzucatl\nlekocec.exe
- C:\dcapklnzucatl\jiiejav.exe
- C:\dcapklnzucatl\tc8taqupandvxi4awng.exe
- %WINDIR%\dcapklnzucatl\obkocawzrzfg
- DNS ASK qu####nclude.net
- DNS ASK se####general.net
- DNS ASK se####include.net
- DNS ASK se###nnorth.net
- DNS ASK qu###north.net
- DNS ASK dn#.##ftncsi.com
- DNS ASK br###north.net
- DNS ASK qu###clear.net
- DNS ASK qu####eneral.net
- DNS ASK se###nclear.net
- ClassName: 'Shell_TrayWnd' WindowName: ''