Техническая информация
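- Автозапуск через ShellExecuteHooks: COM-объект с указанным CLSID регистрируется как обработчик, который оболочка Windows загружает при запуске программ через ShellExecute (начиная с Windows Vista механизм считается устаревшим). Путь к DLL обработчика на странице не указан; при разборе инцидента его следует смотреть в HKCR\CLSID\{CLSID}\InprocServer32:
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{F58EDC0F-DC0F-62ED-0F62-C0F2EC0F62ED}' = ''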
- iexplore.exe
- <SYSTEM32>\mster32.exe
- <SYSTEM32>\crytp.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\post[1].htm
- <SYSTEM32>\system32.ini
- %PROGRAM_FILES%\iphone.exe
- <SYSTEM32>\crytp.dll
- <SYSTEM32>\winsys32.dll
- %PROGRAM_FILES%\TIMProxy.dll
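- 'v2.##tmd.com':80 (символы «#» здесь и в адресах ниже, по-видимому, маскируют часть имени узла и значения параметра; полное доменное имя на странице не приведено, поэтому для блокировки или поиска в журналах в таком виде оно непригодно)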
- v2.##tmd.com/v1.txt
- v2.##tmd.com/a.x?i=#
- v2.##tmd.com/ccc/post.asp
- v2.##tmd.com/update.txt
- v2.##tmd.com/ccc/post.asp
- DNS ASK v2.##tmd.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''