Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'LoadAppInit_DLLs' = '00000001'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = '%TEMP%\zihoh.dll'
- %TEMP%\zihoh.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\iLog[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\iLog[1].php
- 'ne####k.emloud.com':80
- ne####k.emloud.com/webyx/iLog.php?dl##################################
- ne####k.emloud.com/webyx/iLog.php?dl################################
- ne####k.emloud.com/webyx/iLog.php?dl##############################
- DNS ASK ne####k.emloud.com
- '<IP-адрес в локальной сети>':1033