Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GGGG' = '%TEMP%\TSAFE_A2816.exe'
- '%TEMP%\DNF克星A版.exe'
- '%TEMP%\TSAFE_B228.exe'
- '%TEMP%\ok66.exe'
- '%TEMP%\TSAFE_A2816.exe'
- '<SYSTEM32>\cmd.exe' /c %TEMP%\7D2E6775.bat
- %TEMP%\7D2E6775.bat
- %TEMP%\TSAFE_B228.exe
- %TEMP%\TSAFE_A2816.exe
- %TEMP%\ok66.exe
- %TEMP%\DNF克星A版.exe
- %TEMP%\ok66.exe
- 'localhost':6668
- '61.##3.110.206':916
- 'localhost':1046
- 'localhost':1048
- DNS ASK nj#####.YOUAREGRATES.COM
- DNS ASK nj####e.WKAKK.COM
- DNS ASK nj#####.CHEKFILES.COM
- DNS ASK www.20##dnf.com
- DNS ASK www.ha#a.cc
- DNS ASK nj####e.WEBKEKE.COM
- DNS ASK nj####e.SEASKS.COM
- DNS ASK nj#####.GAMEWOLFS.COM
- DNS ASK nj#####.SEARCHFORW.COM
- DNS ASK nj#####.VODAFANS.COM
- DNS ASK nj####e.TWOTWOC.COM
- 'nj####e.twotwoc.com':0
- 'nj####e.webkeke.com':0
- 'nj#####.vodafans.com':0
- 'nj#####.gamewolfs.com':0
- 'nj####e.seasks.com':0
- 'nj#####.searchforw.com':0
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'IEFrame' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: '(null)' WindowName: '???????????? '
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'Microsoft Internet Explorer'