Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SunJava' = '%APPDATA%\Sunjava\SunJava.cmd'
- блокирует отображение скрытых файлов
- блокирует отображение расширений файлов
- %APPDATA%\SunJava\SunJava.cmd
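- <SYSTEM32>\makecab.exe "%APPDATA%\signons.sqlite" "%APPDATA%\sig.cab" (штатная утилита Windows makecab упаковывает signons.sqlite в архив sig.cab; signons.sqlite — имя файла, в котором Firefox хранил сохранённые логины, поэтому запись, по-видимому, отражает подготовку учётных данных к отправке; при разборе инцидента пароли, сохранённые в браузере, стоит считать скомпрометированными)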
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tehranloos.zzl[1]
- %APPDATA%\sig.cab
- %TEMP%\cab5
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\upl[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\tehranloos.zzl[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\upl[1].htm
- %TEMP%\cab6
- %APPDATA%\signons.sqlite
- %APPDATA%\SunJava\SunJava.cmd
- %TEMP%\cab4
- %TEMP%\cab3
- %TEMP%\cab2
- %APPDATA%\sig.cab
- %TEMP%\cab6
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tehranloos.zzl[1]
- %APPDATA%\signons.sqlite
- %TEMP%\cab3
- %TEMP%\cab2
- %TEMP%\cab5
- %TEMP%\cab4
- 'te####loos.zzl.org':80
- 'lo####1.site40.net':80
- '74.##5.232.51':80
- 'localhost':1035
- 'localhost':1036
- lo####1.site40.net/upl.htm
- te####loos.zzl.org/
- DNS ASK lo####1.site40.net
- DNS ASK te####loos.zzl.org
- DNS ASK www.google.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''