Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'xev' = '<Текущая директория>\vhost.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyOverride' = '<-loopback>'
- [<HKLM>\SYSTEM\ControlSet001\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings] 'ProxyEnable' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyEnable' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyServer' = 'http=127.0.0.1:8877;https=127.0.0.1:8877;'
- <LS_APPDATA>\IsolatedStorage\zobel2u3.3j5\xg4p2wex.aho\Url.5onwpfvub4v44rwizch0i455ojp1jwus\AssemFiles\storage_811092dcc98648d790a1730d08245b4b_statistics.bin
- <LS_APPDATA>\IsolatedStorage\zobel2u3.3j5\xg4p2wex.aho\Url.5onwpfvub4v44rwizch0i455ojp1jwus\AssemFiles\storage_811092dcc98648d790a1730d08245b4b_sessiondata_ad095b0f675947a2b7fffca7d848d742.bin
- <LS_APPDATA>\IsolatedStorage\zobel2u3.3j5\xg4p2wex.aho\Url.5onwpfvub4v44rwizch0i455ojp1jwus\AssemFiles\storage_811092dcc98648d790a1730d08245b4b_policy.bin
- <LS_APPDATA>\IsolatedStorage\zobel2u3.3j5\xg4p2wex.aho\Url.5onwpfvub4v44rwizch0i455ojp1jwus\identity.dat
- <LS_APPDATA>\IsolatedStorage\zobel2u3.3j5\xg4p2wex.aho\Url.5onwpfvub4v44rwizch0i455ojp1jwus\info.dat
- '81############d790a1730d08245b4b.monitor-eqatec.com':80
- 'wp#d':80
- http://11#.#11.111.1/wpad.dat via wp#d
- http://81############d790a1730d08245b4b.monitor-eqatec.com/monitor.ashx?pv#####################################################################################################
- DNS ASK 81############d790a1730d08245b4b.monitor-eqatec.com
- DNS ASK wp#d