Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ias] 'Start' = '00000002'
- C:\KDVoiceV2.30(Greenhua.com).exe
- C:\youyou.exe
- <SYSTEM32>\lovvsrpefe
- <LS_APPDATA>\Microsoft\Windows Media\9.0\WMSDKNS.XML.bak
- <LS_APPDATA>\Microsoft\Windows Media\9.0\WMSDKNSD.XML
- %TEMP%\122187.txt
- C:\youyou.exe
- C:\KDVoiceV2.30(Greenhua.com).exe
- <Текущая директория>\ckspbqslqy
- <SYSTEM32>\lovvsrpefe
- <LS_APPDATA>\Microsoft\Windows Media\9.0\WMSDKNS.XML.bak
- <Текущая директория>\ckspbqslqy
- C:\youyou.exe
- 'www.if##tek.com':80
- 'qq####ou.gicp.net':6587
- 'qq####ou.3322.org':8312
- www.if##tek.com/images/images/style1.css
- DNS ASK www.if##tek.com
- DNS ASK qq####ou.gicp.net
- DNS ASK qq####ou.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''