Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'system' = '%WINDIR%\spysysv3.exe'
- %TEMP%\~DF14D5.tmp
- 'us####.nofeehost.com':80
- 'ge###nk.wen.ru':80
- 'localhost':1038
- http://us####.nofeehost.com/spysys/setVICTIM.asp?id##########################
- http://us####.nofeehost.com/spysys/getIP.asp?id##########################
- http://ge###nk.wen.ru/
- DNS ASK us####.nofeehost.com
- DNS ASK ge###nk.wen.ru
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''