Техническая информация
- Запись автозапуска в реестре: [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '[EXPL0RER]' = '%WINDIR%\aw98fd4f41110.exe' (в имени параметра цифра «0» вместо буквы «O»)
- '%WINDIR%\aw98fd4f41110.exe'
- %TEMP%\(1).zip
- %WINDIR%\aw98fd4f41110.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\jia[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\jia[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\zhen[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\zhen[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\jia[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\zhen[1].txt
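- 'ip.#q.com':80 (символы «#» здесь и ниже, по-видимому, скрывают часть адреса; в таком виде строки не годятся как точные индикаторы)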
- '60.##2.31.59':80
- ip.#q.com/
- 60.##2.31.59/zhen.txt
- 60.##2.31.59/jia.txt
- 60.##2.31.59/ftpip.txt
- 60.##2.31.59/ftpid.txt
- 60.##2.31.59/ftpmima.txt
- DNS ASK ip.#q.com
- ClassName: '' WindowName: ''
- ClassName: 'SE_SogouExplorerFrame' WindowName: ''
- ClassName: '360se_Frame' WindowName: ''
- ClassName: 'RC_CORAL_CLASS_FRAME2' WindowName: ''
- ClassName: 'Windows Internet Explorer_Frame' WindowName: ''
- ClassName: 'CabinetWClass' WindowName: ''
- ClassName: 'Chrome_WidgetWin_1' WindowName: ''
- ClassName: 'QQBrowserMainFrame' WindowName: ''