Техническая информация
- '%TEMP%\qq.exe'
- '%TEMP%\逆向思维-QQ图标全能点亮器V2.0.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\GGupload[1].dll
- %TEMP%\SkinH_EL.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\config[1].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\nixiangsiwei[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\nixiangsiwei[1]
- %TEMP%\skin.dll
- %TEMP%\qq.exe
- %TEMP%\逆向思维-QQ图标全能点亮器V2.0.exe
- %WINDIR%\Temp\svchost.exe
- <SYSTEM32>\GroupPolicy\user\Scripts\script.ini
- <SYSTEM32>\GroupPolicy\gpt.ini
- %TEMP%\SkinH_EL.dll
- %TEMP%\skin.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\nixiangsiwei[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\nixiangsiwei[1]
- %TEMP%\skin.dll
- из <SYSTEM32>\GroupPolicy\user\Scripts\script.ini в <SYSTEM32>\GroupPolicy\user\Scripts\scripts.ini
- 'localhost':1040
- 'www.ni####gsiwei.com':80
- '16#.#54.198.2':80
- www.ni####gsiwei.com/
- www.ni####gsiwei.com/Soft/QQtbqndlq/config.dll
- www.ni####gsiwei.com/gg/GGupload.dll
- DNS ASK www.ni####gsiwei.com
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'