Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WinHmks32] 'Start' = '00000002'
- <SYSTEM32>\WinHvqf32.exe
- %WINDIR%\75ts
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\belief[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\1[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\goto[1].html
- %WINDIR%\75ts
- <SYSTEM32>\WinHvqf32.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\75ts[1]
- <SYSTEM32>\WinHvqf32.exe
- %WINDIR%\75ts
- 'www.yy.com':80
- '4.##cfw.com':6060
- 'www.nz##.com':80
- 'localhost':1035
- 'www.75##.com':80
- www.nz##.com/1.html
- www.yy.com/goto.html
- www.75##.com/belief.html
- www.75##.com/T2.txt
- www.75##.com/
- DNS ASK www.yy.com
- DNS ASK 4.##cfw.com
- DNS ASK www.75##.com
- DNS ASK www.nz##.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''