Техническая информация
- Запись автозапуска в реестре: [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'xxx' = '%ProgramFiles%\Internet Explorer\le.exe'
- '%WINDIR%\BlueInstaller_bslrzqpc_164635_.exe' (загружен из сети Интернет)
- '%WINDIR%\BlueInstaller_bslrzqpc_164635_.exe'
- %ProgramFiles%\Internet Explorer\le.exe
- %WINDIR%\BlueResource.bpk
- %WINDIR%\BlueInstaller_bslrzqpc_164635_.exe
- '95####782.woomv.com':80
- 'xu#.##login2.qq.com':80
- 'localhost':1037
- http://95####782.woomv.com/BlueResource.exe
- http://95####782.woomv.com/BlueInstaller_bslrzqpc_164635_.exe
- http://xu#.##login2.qq.com/cgi-bin/qlogin?do#####################################################################################################################################################...
- DNS-запрос (DNS ASK): 95####782.woomv.com
- DNS-запрос (DNS ASK): xu#.##login2.qq.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''