Technical information
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- '<SYSTEM32>\rundll32.exe' "<SYSTEM32>\WININET.dll",DispatchAPICall 1
- opera.exe
- chrome.exe
- %HOMEPATH%\news_files\background.js
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOXZEUJX\manifest[1].json
- %HOMEPATH%\news_files\manifest.json
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\BOWDBRP7\background[1].js
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\class[1].php
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF7T7AK2\Preferences[1]
- %HOMEPATH%\news_files\Preferences
- 'www.pa###nbayi.com':80
- 'www.es###tbayan.tc':80
- www.pa###nbayi.com/ext/background.js
- www.es###tbayan.tc/manifest.json
- www.es###tbayan.tc/class.php?id########
- www.es###tbayan.tc/Preferences
- DNS ASK www.pa###nbayi.com
- DNS ASK www.es###tbayan.tc
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'