Техническая информация
- C:\ґу·Й1011°ж.exe
- <SYSTEM32>\wscript.exe "C:\dafei.vbs"
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\338mu[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\027dj[1]
- %TEMP%\dm.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\recover[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\cfhuiy[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\5e0d47a999e315074a36d67c[1].html
- %TEMP%\21b70.tmp
- %TEMP%\20361.tmp
- C:\dafei.vbs
- C:\ґу·Й1011°ж.exe
- %TEMP%\CFhZSm8.dll
- %TEMP%\20c0e.tmp
- %TEMP%\2091f.tmp
- %TEMP%\20c0e.tmp
- %TEMP%\2091f.tmp
- %TEMP%\20361.tmp
- 'www.cf##iy.com':80
- 'hi.##idu.com':80
- 'www.33##u.com':80
- '02##j.com':80
- 'localhost':1036
- www.cf##iy.com/
- 02##j.com/recover.html
- hi.##idu.com/tmpurl/blog/item/5e0d47a999e315074a36d67c.html
- www.33##u.com/
- 02##j.com/edition.txt
- www.33##u.com/cf/qq.txt
- 02##j.com/
- DNS ASK www.cf##iy.com
- DNS ASK hi.##idu.com
- DNS ASK www.33##u.com
- DNS ASK 02##j.com
- '<IP-адрес в локальной сети>':1034
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''