Техническая информация
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1400' = '0'
- %TEMP%\27fe5.tmp
- %TEMP%\28a46.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ty[1].html
- %TEMP%\axl.dll
- %TEMP%\27555.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\gg[1].html
- %TEMP%\28a46.tmp
- %TEMP%\27fe5.tmp
- %TEMP%\27555.tmp
- 'localhost':1042
- 'www.26##5.com':80
- 'www.cf##w.org':80
- 'localhost':1037
- 'www.al###ixian.com':80
- www.26##5.com/ty.html
- www.cf##w.org/gg.html
- www.al###ixian.com/db.txt
- DNS ASK www.26##5.com
- DNS ASK www.cf##w.org
- DNS ASK www.al###ixian.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''