Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'KRIS' = '%WINDIR%\svchost.exe'
- %WINDIR%\svchost.exe
- %TEMP%\QQХжИЛРгФНј»сИЎЖч.exe
- %TEMP%\Setup.Exe
- <SYSTEM32>\taskkill.exe /f /im Ksafetray.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\show_v3[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\52pojie[1]
- %PROGRAM_FILES%\svchest.ini
- %TEMP%\Setup.Exe
- %TEMP%\QQХжИЛРгФНј»сИЎЖч.exe
- %WINDIR%\svchost.exe
- C:\1.tmp
- 'www.52##jie.cn':80
- 'zx##.3322.org':8000
- 'localhost':1037
- 'localhost':1034
- 'sh##.qq.com':80
- www.52##jie.cn/
- sh##.qq.com/show_v3.html?MU###########################################################################################################################################
- DNS ASK www.52##jie.cn
- DNS ASK zx##.3322.org
- DNS ASK sh##.qq.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: 'Microsoft Internet Explorer'
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''