Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Capricorn' = '%PROGRAM_FILES%\111875.exe'
- C:\QQ·ЙіµНЇДкёЁЦъЗїЕзЛўЙМіЗV2.9°ж.vmp.exe
- C:\ЧФ¶ЇёьРВ.exe
- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: 'FileMonClass' WindowName: ''
- C:\SkinH_EL.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\mw98[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\x5[1].htm
- C:\ЧФ¶ЇёьРВ.exe
- C:\QQ·ЙіµНЇДкёЁЦъЗїЕзЛўЙМіЗV2.9°ж.vmp.exe
- C:\superec.ProcessMemory.sys
- C:\SkinH_EL.dll
- 'www.mw##.com':80
- 'localhost':1035
- www.mw##.com/x5.htm
- www.mw##.com/
- www.mw##.com/tn.htm
- DNS ASK www.mw##.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '18467-41' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''