Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ads' = '%WINDIR%\adsclick.exe'
- %WINDIR%\adsclick.exe
- C:\VINACFCFPH1106BUILD4\xfire.dat
- C:\VINACFCFPH1106BUILD4\VINACF CFPH.exe
- <SYSTEM32>\rundll32.exe InetCpl.cpl,ClearMyTracksByProcess 2
- <SYSTEM32>\rundll32.exe InetCpl.cpl,ClearMyTracksByProcess 8
- %WINDIR%\adsclick.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index[2].php
- C:\VINACFCFPH1106BUILD4\sxs.dat
- C:\VINACFCFPH1106BUILD4\xfire.dat
- C:\VINACFCFPH1106BUILD4\VINACF CFPH.exe
- %TEMP%\~DF5B31.tmp
- 'sr#.#ytes.net':80
- 'localhost':1038
- 'ha##ib.net':80
- sr#.#ytes.net/active/CFPH/index.php?ve##############
- ha##ib.net/version/index.php
- DNS ASK sr#.#ytes.net
- DNS ASK ha##ib.net
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''