Техническая информация
- '<SYSTEM32>\№э·З·Ё.exe'
- '<SYSTEM32>\№э·З·Ё.exe' (загружен из сети Интернет)
- C:\Baidusd_OnlineSetup_sid_30181_silent.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\fzgx[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\duduwg[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tj[1].html
- <SYSTEM32>\№э·З·Ё.exe
- 'www.18##wg.com':80
- 'www.du##wg.com':80
- 'localhost':1036
- www.18##wg.com/tj.html
- www.18##wg.com/???#######
- www.du##wg.com/
- www.18##wg.com/yx/fzgx.txt
- DNS ASK www.18##wg.com
- DNS ASK www.du##wg.com
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'