Техническая информация
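- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HijackThis' = '<Полный путь к файлу>' — запись в разделе Run обеспечивает автозапуск файла при входе пользователя в систему; имя параметра совпадает с названием известной утилиты HijackThis, поэтому при проверке автозагрузки следует сверять путь и цифровую подпись файла, а не полагаться на имя.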
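- [<HKLM>\System\CurrentControlSet\Services\IKEEXT] 'Start' = '00000002' — значение 2 задаёт автоматический запуск службы IKEEXT при загрузке системы; изменение типа запуска системной службы стоит отслеживать в журналах изменений реестра.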
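- Средство контроля пользовательских учетных записей (UAC) — заголовок раздела в этой выдержке отсутствует; судя по соседним пунктам, речь, вероятно, идёт о компоненте защиты, работу которого образец блокирует или отключает (требует сверки с полным описанием).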
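- '<SYSTEM32>\netsh.exe' firewall set opmode disable — команда отключает брандмауэр Windows (устаревший синтаксис netsh firewall); запуск netsh.exe с такими аргументами — удобный признак для обнаружения по журналам создания процессов.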
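- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\metadata\f0accf77cdcbff39f6191887f6d2d357
- %WINDIR%\serviceprofiles\networkservice\appdata\locallow\microsoft\cryptneturlcache\content\f0accf77cdcbff39f6191887f6d2d357 — оба файла (metadata и content с одинаковым именем) относятся к кэшу CryptnetUrlCache, который Windows, как правило, заполняет сама при загрузке сертификатов и списков отзыва; как самостоятельный индикатор компрометации они малоинформативны.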
- %LOCALAPPDATA%\microsoft\windows\history\history.ie5\mshist012020030820200309\index.dat
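- http://bo####.4chan.org/b/ (символы «#» здесь и ниже, по-видимому, скрывают часть имени узла в исходном отчёте; такие записи нельзя использовать как точные индикаторы без восстановления полного адреса)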
- http://www.om##le.com/
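- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt — легитимный адрес Microsoft для загрузки корневого сертификата; такое обращение типично для системной проверки цепочки сертификатов и само по себе не является признаком вредоносной активности.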
- http://s.##dn.org/css/yotsubamobile.692.css
- http://s.##dn.org/css/yotsubanew.692.css
- http://s.##dn.org/js/core.min.1046.js
- http://s.##dn.org/js/extension.min.1110.js
- http://s.##dn.org/css/yotsubluenew.692.css
- http://s.##dn.org/css/futabanew.692.css
- http://s.##dn.org/css/burichannew.692.css
- http://s.##dn.org/css/photon.692.css
- http://s.##dn.org/css/tomorrow.692.css
- DNS ASK li#####cams.fileave.com
- DNS ASK x4##an.org
- DNS ASK bo####.4chan.org
- DNS ASK th####family.com
- DNS ASK om##le.com
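- DNS ASK microsoft.com
- DNS ASK s.##dn.org
- DNS ASK google.com (microsoft.com и google.com — легитимные домены общего назначения; включать их в списки блокировки или правила обнаружения не следует)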
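- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: '' — имена классов окон MS_AutodialMonitor и MS_WebCheckMonitor, насколько известно, принадлежат штатным компонентам Windows/Internet Explorer; в выдержке не указано, создаёт образец эти окна или ищет их.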