Техническая информация
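- [<HKLM>\SYSTEM\ControlSet001\Services\BAAk6tc4] 'Start' = '00000001' (тип запуска 1 — SERVICE_SYSTEM_START: загрузка при инициализации системы)
- [<HKLM>\SYSTEM\ControlSet001\Services\BAAk6tc4] 'ImagePath' = '<SYSTEM32>\BAAk6tc4.sys' (судя по расширению .sys — драйвер; при проверке работающей системы смотрите также ветку CurrentControlSet, которая ссылается на активный набор ControlSet00x)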
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome
- <Текущая директория>\updata\tmp.zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\zhuzaifz[1]
- %TEMP%\nicotmp.ico
- <Текущая директория>\wqycuxrj.dll
- <SYSTEM32>\BAAk6tc4.sys
- <Текущая директория>\updata\tmp.zip в <Текущая директория>\updata\updata.zip
- <Текущая директория>\wqycuxrj.dll в <Текущая директория>\urvkmkcb.dll
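- '60.##0.218.140':8821 (символы # здесь и в адресах ниже, по-видимому, маскируют часть значения в исходном описании; в таком виде индикаторы подходят только для сопоставления по шаблону, а не для точного совпадения)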
- 'cq#######11.stor.sinaapp.com':80
- 'www.zh###ifz.com':80
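- 'localhost':1051 (соединение через loopback внутри той же машины, как и 'localhost':1038 ниже; внешним сетевым индикатором не является)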
- 'mi#####.zhuzaifz.com':80
- 't.##.com':80
- 'localhost':1038
- 'si###loud.net':80
- 'tj.##zokan.com':8080
- http://cq#######11.stor.sinaapp.com/zhuzai%2Ftc.txt
- http://www.zh###ifz.com/
- http://si###loud.net/yun2016/hotst.txt
- http://mi#####.zhuzaifz.com/
- http://t.##.com/caiwen6514
- http://si###loud.net/yun2016/zhuye.txt
- http://si###loud.net/yun2016/updata.zip
- DNS ASK cq#######11.stor.sinaapp.com
- DNS ASK www.zh###ifz.com
- DNS ASK my.##years.com
- DNS ASK mi#####.zhuzaifz.com
- DNS ASK t.##.com
- DNS ASK tj.##zokan.com
- DNS ASK si###loud.net
- ClassName: '' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''