Техническая информация
- <SYSTEM32>\mshtml.dll файлом <SYSTEM32>\mshtml.dll.mod
- <SYSTEM32>\dllcache\mshtml.dll файлом <SYSTEM32>\dllcache\mshtml.dll
- '%WINDIR%\veJwkly.exe'
- '%TEMP%\DNF雪花爆炸.exe'
- '%TEMP%\w66.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\delself.bat" "
- <SYSTEM32>\Inject.dll
- %TEMP%\DhomS.erU
- <SYSTEM32>\DhomS.erU
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\dnf5201314[1]
- %TEMP%\delself.bat
- %TEMP%\DNF雪花爆炸.exe
- %TEMP%\w66.exe
- %TEMP%\ComA.tmp
- %TEMP%\ComB.tmp
- %WINDIR%\veJwkly.exe
- %TEMP%\w66.exe
- <SYSTEM32>\mshtml.dll в <SYSTEM32>\mshtml.dlllDvXY
- <SYSTEM32>\dllcache\mshtml.dll в <SYSTEM32>\dllcache\mshtml.dlllDvXY
- 'www.yy##422.com':80
- 'www.dn###01314.com':80
- 'localhost':1035
- 'www.yy##421.com':80
- www.dn###01314.com/
- DNS ASK www.dn###01314.com
- DNS ASK www.yy##422.com
- DNS ASK www.yy##421.com
- ClassName: 'IEFrame' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: '(null)' WindowName: '12345'
- ClassName: '54321' WindowName: '12345'
- ClassName: '(null)' WindowName: 'Microsoft Internet Explorer'
- ClassName: 'TWINCONTROL' WindowName: '????????????'