Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Whstac catuoa] 'Start' = '00000002'
- '%WINDIR%\Mkxywai.exe'
- <SYSTEM32>\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NL36OFJC\anshuafeng_com[1]
- <SYSTEM32>\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y3PNY1M8\2375642825[1]
- %WINDIR%\Mkxywai.exe
- 'us##.#zone.qq.com':80
- 'www.an###afeng.com':80
- 'www.an###afeng.com':6464
- 'localhost':54726
- www.an###afeng.com/
- us##.#zone.qq.com/2375642825
- DNS ASK us##.#zone.qq.com
- DNS ASK dn#.##ftncsi.com
- DNS ASK www.an###afeng.com