Техническая информация
- [<HKLM>\SOFTWARE\Classes\htb\shell\open\command] '' = 'IEXPLORE.EXE http://taobao.loliso.com/?1121'
- [<HKLM>\SOFTWARE\Classes\h35\shell\open\command] '' = 'IEXPLORE.EXE http://www.35yes.com/?1121'
- [<HKLM>\SOFTWARE\Classes\hli\shell\open\command] '' = 'IEXPLORE.EXE http://www.loliso.com/?1121'
- [<HKLM>\SOFTWARE\Classes\hdh\shell\open\command] '' = 'IEXPLORE.EXE http://www.henbucuo.com/?1121'
- [<HKLM>\SOFTWARE\Classes\hyx\shell\open\command] '' = 'IEXPLORE.EXE http://www.d91d.com/?1121'
- [<HKLM>\SOFTWARE\Classes\hpf\shell\open\command] '' = 'IEXPLORE.EXE http://www.piaofang.net/?1121'
- C:\4470NQ.exe
- <SYSTEM32>\wscript.exe jies.bak.vbs
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://dl.###link.cn:1287/CPAdown/vplay.php
- C:\4470NQ.exe
- <Текущая директория>\jies.bak.vbs
- %CommonProgramFiles%\t.ico
- %CommonProgramFiles%\d.ico
- C:\4470NQ.exe
- %CommonProgramFiles%\d.ico
- %CommonProgramFiles%\t.ico
- 'dl.##nlink.cn':1287
- 'localhost':1035
- DNS ASK dl.##nlink.cn
- ClassName: 'Progman' WindowName: ''
- ClassName: 'SHELLDLL_DefView' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''