Техническая информация
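Пути к файлам (заголовки подразделов в этом фрагменте не сохранились; вероятно, поэтому часть путей ниже повторяется):
- <Полный путь к вирусу>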
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cfwoniu[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\338mu[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\89ts[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cfbingyue[1]
- %TEMP%\2.tmp
- %TEMP%\1.tmp
- <DRIVERS>\ofYo7W5b.sys
- %TEMP%\3.tmp
- %TEMP%\3.tmp
- <DRIVERS>\ofYo7W5b.sys
- %TEMP%\1.tmp
- %TEMP%\2.tmp
Сетевые подключения (узел:порт; часть символов в доменных именах скрыта знаком «#»):
- 'www.cf##niu.com':80
- 'www.cf###gyue.com':80
- 'www.89##.com':80
- 'cf#####ue.blog.163.com':80
- 'localhost':1037
- 'www.33##u.com':80
Адреса ресурсов на этих узлах (по-видимому, запросы по HTTP):
- www.cf###gyue.com/
- www.89##.com/
- www.cf##niu.com/
- cf#####ue.blog.163.com/blog/static/21687602920133218746758/
- www.33##u.com/
DNS-запросы:
- DNS ASK www.cf###gyue.com
- DNS ASK www.89##.com
- DNS ASK www.cf##niu.com
- DNS ASK cf#####ue.blog.163.com
- DNS ASK www.33##u.com
Окна (имя класса и заголовок окна):
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''