Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\408ZLqAE] 'Start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\XSpeed] 'ImagePath' = '<Текущая директория>\XSpeedWinXPx86.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\4777TpMw] 'ImagePath' = '<SYSTEM32>\4777TpMw.sys'
- [<HKLM>\SYSTEM\ControlSet001\Services\408ZLqAE] 'ImagePath' = '<SYSTEM32>\408ZLqAE.sys'
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome
- <Текущая директория>\XSpeedWinXPx86.sys
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\2VAZY7AN\leilongfz[1]
- <SYSTEM32>\408ZLqAE.sys
- <SYSTEM32>\4777TpMw.sys
- <SYSTEM32>\4777TpMw.systmp
- <Текущая директория>\XSpeedWinXPx86.sys
- <Текущая директория>\XSpeedWinXPx86.sys
- <SYSTEM32>\4777TpMw.sys
- <SYSTEM32>\4777TpMw.sys
- 'www.le###ngfz.com':80
- 'yu######in.b0.upaiyun.com':80
- 'localhost':1039
- 't.##.com':80
- 'ae######ye.stor.sinaapp.com':80
- http://www.le###ngfz.com/
- http://yu######in.b0.upaiyun.com/hotst/qd.txt
- http://t.##.com/fangzhizhe3862
- http://ae######ye.stor.sinaapp.com/zhuye.txt
- DNS ASK yu######in.b0.upaiyun.com
- DNS ASK my.##years.com
- DNS ASK www.le###ngfz.com
- DNS ASK t.##.com
- DNS ASK ae######ye.stor.sinaapp.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''