Техническая информация
- '%APPDATA%\Roaming\PPLive\WebGameClient\pptv_sanguohun.exe' /C 263 /CC 433 /D <Полный путь к вирусу> /IB 1717WAN-三国魂
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEWNTWLX\NewErrorPageTemplate[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\23BUYPX5\errorPageStrings[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\3U23MFC9\httpErrorPagesScripts[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YIF7DGLM\dnserrordiagoff[1]
- %APPDATA%\Roaming\PPLive\WebGameClient\pptv_sanguohun.exe
- %APPDATA%\Roaming\PPLive\WebGameClient\sgh_idata.inmk
- %HOMEPATH%\Desktop\1717WAN-三国魂.lnk
- DNS ASK st####.g.pptv.com
- DNS ASK ga##.g.pptv.com
- DNS ASK dn#.##ftncsi.com
- DNS ASK va#.##ta.pplive.com
- DNS ASK tj.#.pptv.com
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''