Техническая информация
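- Автозапуск — значение в ключе реестра Run текущего пользователя (программа запускается при каждом входе этого пользователя в систему): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'adsacquy' = '%WINDIR%\adsclick.exe'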
- '%WINDIR%\adsclick.exe'
- 'C:\vinacfcfph1066build2\xfire.dat'
- 'C:\vinacfcfph1066build2\VINACF CFPH.exe'
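- '<SYSTEM32>\rundll32.exe' InetCpl.cpl,ClearMyTracksByProcess 2 (штатная функция Internet Explorer: удаление cookie)
- '<SYSTEM32>\rundll32.exe' InetCpl.cpl,ClearMyTracksByProcess 8 (штатная функция Internet Explorer: удаление временных файлов Интернета; вместе с предыдущим вызовом стирает следы работы браузера, что затрудняет последующий анализ)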
- %WINDIR%\adsclick.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index[2].php
- C:\vinacfcfph1066build2\sxs.dat
- C:\vinacfcfph1066build2\xfire.dat
- C:\vinacfcfph1066build2\VINACF CFPH.exe
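- 'up#####erver.no-ip.biz':80 (здесь и ниже символы «#» скрывают часть адреса, поэтому для точного сопоставления индикаторов эти строки непригодны; формат записи — хост:порт)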
- 'localhost':1039
- 'ha##ib.net':80
- up#####erver.no-ip.biz/active/CFPH/index.php?ve##############
- ha##ib.net/version/index.php
- DNS ASK up#####erver.no-ip.biz
- DNS ASK ha##ib.net
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)' (стандартный класс окна панели задач Windows; сам по себе индикатором заражения не служит)