Техническая информация
- C:\676.exe
- %TEMP%\їХµєіМРт.exe
- NtTerminateProcess, драйвер-обработчик: DOWIRE.sys
- NtQuerySystemInformation, драйвер-обработчик: DOWIRE.sys
- C:\676.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\kongdao[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\oouc[1]
- <SYSTEM32>\DOWIRE.sys
- C:\676.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\s[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\t[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\t[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\kongdao[1].htm
- %TEMP%\їХµєіМРт.exe
- 'www.oo#c.cn':80
- 'www.ba##u.com':80
- 't.##.com':80
- 'localhost':1044
- 'ko###aowg.com':80
- 'www.sa##u.cn':80
- 'localhost':1035
- 'localhost':1039
- '91##wg.com':80
- www.ba##u.com/s?wd#########################
- www.oo#c.cn/
- t.##.com/kongdao
- www.sa##u.cn/t.htm
- 91##wg.com/t.htm
- ko###aowg.com/kongdao.htm
- DNS ASK www.oo#c.cn
- DNS ASK t.##.com
- DNS ASK vv.##zhikan.com
- DNS ASK www.ba##u.com
- DNS ASK www.sa##u.cn
- DNS ASK 91##wg.com
- DNS ASK ko###aowg.com
- 'vv.##zhikan.com':37211
- 'localhost':1046
- ClassName: '' WindowName: 'Microsoft Internet Explorer'
- ClassName: '' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''