Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = '<SYSTEM32>\internet.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = '<SYSTEM32>\explorar.exe'
- <SYSTEM32>\explorar.exe
- <SYSTEM32>\internet.exe
- <Текущая директория>\bl.exe
- <Текущая директория>\mydj.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mydj[1].html
- <SYSTEM32>\internet.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\pv-2[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\pv-1[1].html
- <Текущая директория>\mydj.exe
- <Текущая директория>\bl.exe
- <SYSTEM32>\explorar.exe
- <Текущая директория>\mydj.exe
- <Текущая директория>\bl.exe
- %TEMP%\~DF25B.tmp
- %TEMP%\~DF25D.tmp
- 'localhost':1040
- 'www.17###game.com':80
- 'localhost':1036
- 'www.3g##.net':80
- www.17###game.com/pv-2.html
- www.3g##.net/pv-1.html
- www.3g##.net/mydj.html
- DNS ASK www.17###game.com
- DNS ASK www.3g##.net
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''