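Техническая информация
Ниже перечислены наблюдаемые индикаторы без заголовков разделов: параметры реестра (служба, у которой ImagePath указывает на .sys-файл в %TEMP%), пути к файлам, сетевые запросы (HTTP и DNS) и классы окон. Символы «#» в именах хостов заменяют часть символов, поэтому такие записи нельзя использовать для точного сопоставления доменов.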
- [<HKLM>\System\CurrentControlSet\Services\abc2.0] 'ImagePath' = '%TEMP%\~abc9Wi69.sys'
- [<HKLM>\System\CurrentControlSet\Services\abc2.0] 'ImagePath' = '%TEMP%\~abcxpt5X.sys'
- %TEMP%\~abc9Wi69.sys
- %WINDIR%\temp\udd53e3.tmp
- %TEMP%\8yp22nhve65ezp.exe
- %TEMP%\~abcxpt5X.sys
- %APPDATA%\microsoft\internet explorer\userdata\index.dat
- %APPDATA%\microsoft\internet explorer\userdata\yekid4ud\userdatabidupsid[1].xml
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012019110320191104\index.dat
- %TEMP%\~abc9Wi69.sys
- %TEMP%\~abcxpt5X.sys
- %WINDIR%\temp\udd53e3.tmp
- %TEMP%\~abc9Wi69.sys
- %TEMP%\~abcxpt5X.sys
- http://do#####d.kulove123.com/tckz.txt
- http://do#####d.kulove123.com/QQgg.txt
- http://do#####d.kulove123.com/jxexe.txt
- DNS ASK do#####d.kulove123.com
- DNS ASK ba##u.com
- DNS ASK m.##idu.com
- DNS ASK ss#.##static.com
- DNS ASK sp#.#aidu.com
- ClassName: '' WindowName: 'Microsoft Internet Explorer'
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%TEMP%\8yp22nhve65ezp.exe'