Техническая информация
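Записи реестра для сервиса abc2.0 (параметр ImagePath указывает на файл .sys в каталоге %TEMP%, что нетипично для штатно установленных драйверов):
- [<HKLM>\System\CurrentControlSet\Services\abc2.0] 'ImagePath' = '%TEMP%\~abcQBkEh.sys'
- [<HKLM>\System\CurrentControlSet\Services\abc2.0] 'ImagePath' = '%TEMP%\~abcb1Ql0.sys'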
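Пути к файлам (одни и те же пути ниже повторяются; по-видимому, они относятся к разным разделам исходного отчёта, заголовки которых не сохранились):
- %TEMP%\~abcQBkEh.sys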
- %WINDIR%\temp\uddeb03.tmp
- %TEMP%\49j424o5dl.exe
- %TEMP%\~abcb1Ql0.sys
- %APPDATA%\microsoft\internet explorer\userdata\index.dat
- %APPDATA%\microsoft\internet explorer\userdata\htzrmeor\userdatabidupsid[1].xml
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012019110320191104\index.dat
- %TEMP%\~abcQBkEh.sys
- %TEMP%\~abcb1Ql0.sys
- %WINDIR%\temp\uddeb03.tmp
- %TEMP%\~abcQBkEh.sys
- %TEMP%\~abcb1Ql0.sys
Сетевые индикаторы — URL-адреса и DNS-запросы (часть символов в именах доменов скрыта знаками #):
- http://do#####d.kulove123.com/tckz.txt
- http://do#####d.kulove123.com/QQgg.txt
- http://do#####d.kulove123.com/jxexe.txt
- DNS ASK do#####d.kulove123.com
- DNS ASK ba##u.com
- DNS ASK m.##idu.com
- DNS ASK ss#.##static.com
- DNS ASK sp#.#aidu.com
Окна (имя класса и заголовок окна):
- ClassName: '' WindowName: 'Microsoft Internet Explorer'
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%TEMP%\49j424o5dl.exe'