Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'tabbar_start' = '%PROGRAM_FILES%\tabbar\tabbar_up.exe'
- %PROGRAM_FILES%\tabbar\tabbar.exe
- %PROGRAM_FILES%\tabbar\tabbar.exe (загружен из сети Интернет)
- %PROGRAM_FILES%\tabbar\tabbar_up.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\tabbar_up[1].exe
- %PROGRAM_FILES%\tabbar\tabbar_start.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\tabbar_start[1].exe
- %PROGRAM_FILES%\tabbar\tabbar.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tabbar[1].exe
- %PROGRAM_FILES%\tabbar\hook.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\hook[1].dll
- 'wf##8.com':80
- wf##8.com/down/tabbar_start.exe
- wf##8.com/_cnt/cnt03_0.php
- wf##8.com/down/tabbar_up.exe
- wf##8.com/down/tabbar.exe
- wf##8.com/down/hook.dll
- DNS ASK wf##8.com