Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'd11host' = '<SYSTEM32>\d11host.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{372F096E-977F-4BF9-A97E-0BBED41332F2}' = 'magicaps'
- '<SYSTEM32>\taskmngr.exe'
- '<SYSTEM32>\d11host.exe'
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\bootins.1og
- %WINDIR%\bootmap.log
- <SYSTEM32>\magicaptmp.ver
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\magicap[1].ver
- <SYSTEM32>\spydll.dll
- <SYSTEM32>\taskmngr.exe
- <SYSTEM32>\magicap.ver
- <SYSTEM32>\magicap.dll
- <SYSTEM32>\d11host.exe
- <SYSTEM32>\magicaptmp.ver
- '21#.#39.88.51':8088
- 'bm#.#esky.com':80
- bm#.#esky.com/plugin/magicap.ver
- DNS ASK bm#.#esky.com