Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ialdnwxf] 'ImagePath' = '<SYSTEM32>\superecpmaDO.sys'
- %HOMEPATH%\Favorites\Нв№ТЧч·»ЧКФґХѕ [42724920.ys168.com].url
- %HOMEPATH%\Favorites\Нв№ТЧч·»№Щ·ЅХѕ [www.zuowg.com].url
- <SYSTEM32>\superecpmaDO.sys
- <SYSTEM32>\superecpmaDO.sys
- 'www.cf##l.com':80
- 'www.31#g.cn':80
- 'localhost':1037
- http://www.cf##l.com/tj.html
- http://www.31#g.cn/4.html
- http://www.cf##l.com/1.html
- http://www.31#g.cn/2.html
- http://www.31#g.cn/3.html
- DNS ASK www.cf##l.com
- DNS ASK www.31#g.cn
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''