Техническая информация
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\e.ys168[1]
- <Текущая директория>\Vision.skin
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\wm17173[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tj[1].htm
- %HOMEPATH%\Favorites\Нв№ТЧч·»ЧКФґХѕ [42724920.ys168.com].url
- <SYSTEM32>\ecl6U1j.sys
- <SYSTEM32>\superecNchB9.sys
- %HOMEPATH%\Favorites\Нв№ТЧч·»№Щ·ЅХѕ [www.zuowg.com].url
- <SYSTEM32>\superecfy2Yj.sys
- <SYSTEM32>\superecfy2Yj.sys
- <SYSTEM32>\ecl6U1j.sys
- <SYSTEM32>\superecNchB9.sys
- 'www.fe###engwg.com':80
- 'wm##173.cn':80
- 'e.##168.com':80
- '10###.2m2m.net':80
- 'localhost':1037
- www.fe###engwg.com/hack/tj.htm
- wm##173.cn/
- 10###.2m2m.net/pizi.txt
- e.##168.com/?ra######
- DNS ASK www.fe###engwg.com
- DNS ASK wm##173.cn
- DNS ASK 10###.2m2m.net
- DNS ASK e.##168.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''