Техническая информация
- <SYSTEM32>\winsp.exe
- <SYSTEM32>\regsvr32.exe /s <SYSTEM32>\windps.dll
- <SYSTEM32>\regsvr32.exe /u /s <SYSTEM32>\windps.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\ver[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\bsearch[1].do
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\csearch[1].do
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\install[1].do
- <SYSTEM32>\winsp.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\bho_3[1].mdb
- <SYSTEM32>\windps.dll
- <SYSTEM32>\windps.dll
- <SYSTEM32>\winsp.exe
- 'localhost':1037
- 'localhost':1040
- 'localhost':1034
- 'u.###uebao.com':80
- u.###uebao.com/bsearch.do?ac################
- u.###uebao.com/csearch.do?ac################
- u.###uebao.com/ver.html
- u.###uebao.com/baidu/bho_3.mdb
- u.###uebao.com/install.do?pr#################################
- DNS ASK u.###uebao.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''