Техническая информация
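- [<HKLM>\SYSTEM\ControlSet001\services\User-mode AuthIP Framework Grouping Tools] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы, то есть закрепление в системе под видом службы)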
- 'C:\wotzrlcn\jjuphhuzig.exe' "c:\wotzrlcn\ddzozrc.exe"
- 'C:\wotzrlcn\ddzozrc.exe'
- 'C:\wotzrlcn\eb8qinndlvl1hvwsw.exe'
- C:\wotzrlcn\ddzozrc.exe
- C:\wotzrlcn\jjuphhuzig.exe
- C:\wotzrlcn\v8rtxnc
- %WINDIR%\wotzrlcn\i65cqubjpl5x
- C:\wotzrlcn\i65cqubjpl5x
- C:\wotzrlcn\eb8qinndlvl1hvwsw.exe
- C:\wotzrlcn\jjuphhuzig.exe
- C:\wotzrlcn\ddzozrc.exe
- C:\wotzrlcn\eb8qinndlvl1hvwsw.exe
- %WINDIR%\wotzrlcn\i65cqubjpl5x
- DNS ASK he###father.net
- DNS ASK di####ultfather.net
- DNS ASK di####ultapple.net
- DNS ASK di####ultbuilt.net
- DNS ASK he###apple.net
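- DNS ASK dn#.##ftncsi.com (по маске похоже на dns.msftncsi.com — штатную проверку подключения Windows (NCSI); вероятно, не является индикатором компрометации, в отличие от остальных доменов списка — требует уточнения)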
- DNS ASK an###rbuilt.net
- DNS ASK gl###built.net
- DNS ASK gl###carry.net
- DNS ASK an###rcarry.net
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows; пустое имя окна означает поиск только по классу)