Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\RemoteAccess] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\ЂvQ8uwY] 'Start' = '00000002'
- %PROGRAM_FILES%\thunder7.exe
- <SYSTEM32>\svchost.exe -k ЂvQ8uwY
- %WINDIR%\vbcfg.ini
- %PROGRAM_FILES%\MSN\Setup.dll
- %WINDIR%\windows.dat
- <SYSTEM32>\Y2ruQi.pic
- %TEMP%\nsn2.tmp
- %PROGRAM_FILES%\thunder7.exe
- %TEMP%\nsh3.tmp\System.dll
- %PROGRAM_FILES%\thunder7.exe
- %WINDIR%\vbcfg.ini
- %TEMP%\nsh3.tmp\System.dll
- %WINDIR%\windows.dat
- 'q6####48.3322.org':520
- DNS ASK tr##.p.360.cn
- DNS ASK st##.p.360.cn
- DNS ASK w-#.360.cn
- DNS ASK www.he##ton.com
- DNS ASK up###.f.360.cn
- DNS ASK sd##.qh-lb.com
- DNS ASK cl#####0001.cachecn.com
- DNS ASK h.###.qh-lb.com
- DNS ASK cl#####0002.cachecn.com
- DNS ASK st#####h.cs.duba.net
- DNS ASK cl#####.duba.kingsoft.com
- DNS ASK te#####.#fr.duba.kingsoft.com
- DNS ASK th##.#elpton.com
- DNS ASK up##.f.360.cn
- DNS ASK up#####b.360safe.com
- DNS ASK qu#.#h-lb.com
- DNS ASK q6####48.3322.org
- DNS ASK qs###b.f.360.cn
- DNS ASK co##.f.360.cn
- DNS ASK fw#####.360.cn.cachecn.com
- DNS ASK cc#####.h.tel.ccgslb.com.cn
- DNS ASK qd##.#ode.qihoo.com
- DNS ASK do##.qh-lb.com
- DNS ASK dl.##-lb.com
- DNS ASK g3##.##at.360safe.com