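Техническая информация
Примечание: подзаголовки разделов в этом фрагменте не сохранились. Ниже по порядку перечислены: пути к процессу svchost.exe, файлы во временном кеше Internet Explorer, сетевые адреса вида «узел:порт», URL-адреса, DNS-запросы и пары «класс окна / имя окна». Символы «#» в именах узлов и URL, по-видимому, заменяют символы, скрытые при публикации, поэтому такие записи не годятся для точного сопоставления. <SYSTEM32>\svchost.exe — штатный системный процесс Windows, и сам по себе этот путь индикатором не является.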
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\xtpd[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\qlogin[1]
- 'localhost':1043
- '91########.78.fhreqedomainsnamxe01.org':80
- 'www.52##c.cn':80
- 'localhost':1039
- 'xu#.##login2.qq.com':80
- xu#.##login2.qq.com/cgi-bin/qlogin
- 91########.78.fhreqedomainsnamxe01.org/user/piaoyh.asp
- www.52##c.cn/fantiaoshi___tz/php//xtpd.php?to#############
- DNS ASK 91########.78.fhreqedomainsnamxe01.org
- DNS ASK www.52##c.cn
- DNS ASK xu#.##login2.qq.com
- ClassName: '' WindowName: '<Имя вируса>.exe'
- ClassName: '#32770' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''