Техническая информация
- %WINDIR%\svchosw.exe
- %WINDIR%\ётуЎНв№ТВМЙ«°ж.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\2[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\zhuangbb[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\1[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\dy[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\cf[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\sky[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\dx[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\cfhama[1]
- %WINDIR%\svchosw.exe
- <SYSTEM32>\ESPI11.dll
- %WINDIR%\ётуЎНв№ТВМЙ«°ж.exe
- %WINDIR%\CFBFZ.dll
- %WINDIR%\xiaogui.dll
- %WINDIR%\Loader.dll
- %WINDIR%\Inject.dll
- 'www.cf##hua.com':80
- 'localhost':1046
- 'www.51##z.cn':80
- 'www.xe##8.com':80
- 'localhost':1040
- 'www.zh###gbb.com':80
- 'zh###gbb.com':80
- 'cf##ma.cn':80
- www.cf##hua.com/dy.html
- cf##ma.cn/2.htm
- zh###gbb.com/
- www.51##z.cn/cf/
- www.51##z.cn/321/sky.html
- www.xe##8.com/dx.html
- www.zh###gbb.com/gg.txt
- www.zh###gbb.com/down.txt
- www.zh###gbb.com/up.txt
- cf##ma.cn/yanzheng/ie.txt
- cf##ma.cn/1.htm
- cf##ma.cn/
- DNS ASK www.cf##hua.com
- DNS ASK www.xe##8.com
- DNS ASK www.51##z.cn
- DNS ASK zh###gbb.com
- DNS ASK www.zh###gbb.com
- DNS ASK cf##ma.cn
- DNS ASK www.cf##ma.cn
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''