Техническая информация
- '<SYSTEM32>\rundll32.exe' url.dll,FileProtocolHandler www.yi##520.com
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\xxwging[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ava[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\aiaipan[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\80w[1]
- %HOMEPATH%\Favorites\ДЫІЭёЁЦъ.url
- <SYSTEM32>\SuperEC_Hook.dll
- %HOMEPATH%\Favorites\ТЧИ¤У°Фє ТЧИ¤520 ЧоРВµзУ° ЧоРВµзКУѕз єГїґµДµзУ° єГїґµДµзКУѕз.url
- %HOMEPATH%\Favorites\ГюГюїґ-ФЪПЯЗйЙ«.url
- 'localhost':1043
- 'www.80#.cc':80
- 'www.ai##pan.com':80
- 'localhost':1036
- 'www.xx##ing.com':80
- 'localhost':1041
- www.80#.cc/
- www.ai##pan.com/
- www.xx##ing.com/ava.txt
- www.xx##ing.com/
- DNS ASK www.ai##pan.com
- DNS ASK www.yi##520.com
- DNS ASK www.xx##ing.com
- DNS ASK www.80#.cc
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'IEFrame' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'