Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] '{C4560D12-CE25-4A2E-A5D4-B5070FCBE282}' = 'csiddll'
- '<SYSTEM32>\pipi_211_115.exe'
- '<SYSTEM32>\cpa_1.exe'
- '%WINDIR%\explorer.exe'
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\taoba_1.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\icccy.dll
- <SYSTEM32>\pipi_211_115.exe_1
- <SYSTEM32>\pipi_211_115.exe_0
- <SYSTEM32>\pipi_211_115.exe
- <SYSTEM32>\pipi_211_115.exe_2
- <SYSTEM32>\taoba_1.dll
- <SYSTEM32>\icccy.dll
- <SYSTEM32>\pipi_211_115.exe_3
- <SYSTEM32>\cpa_1.exe
- <SYSTEM32>\pipi_211_115.exe_2
- <SYSTEM32>\pipi_211_115.exe_3
- <SYSTEM32>\pipi_211_115.exe_0
- <SYSTEM32>\pipi_211_115.exe_1
- 'www.fy##ya.cn':80
- www.fy##ya.cn http://www.fyyaya.cn/pipi_211_115.exe
- DNS ASK www.fy##ya.cn
- ClassName: 'SystemTray_Main' WindowName: '(null)'
- ClassName: 'CSCHiddenWindow' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Proxy Desktop' WindowName: '(null)'
- ClassName: 'BaseBar' WindowName: 'ChanApp'
- ClassName: 'SysListView32' WindowName: '(null)'