Техническая информация
- %PROGRAM_FILES%\Win360\qqcexit.exe
- <SYSTEM32>\rundll32.exe url.dll,FileProtocolHandler http://www.i0##0.cn/vv/?we#
- <SYSTEM32>\wscript.exe "%PROGRAM_FILES%\Win360\cf.vbs"
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\vv[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\1[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\CF_Y_2[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\CF_Y_5[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\CF_Y_1[1].html
- %PROGRAM_FILES%\Win360\qqcexit.exe
- %TEMP%\$inst\4.tmp
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\5.tmp
- %PROGRAM_FILES%\Win360\cf.vbs
- %TEMP%\$inst\temp_0.tmp
- %PROGRAM_FILES%\Win360\cf.vbs
- %TEMP%\$inst\4.tmp
- %TEMP%\$inst\5.tmp
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- 'www.i0##0.cn':80
- 'localhost':1036
- 'localhost':1035
- www.i0##0.cn/1a/CF_Y_1.html?05#
- www.i0##0.cn/1a/CF_Y_5.html?05#
- www.i0##0.cn/vv/?we#
- www.i0##0.cn/1a/1.html
- www.i0##0.cn/1a/CF_Y_2.html?05#
- DNS ASK www.i0##0.cn
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''