Техническая информация
- '<SYSTEM32>\pfhydykx.exe'
- '%TEMP%\HappyServer6.2.exe'
- '%TEMP%\Control.exe'
- '<SYSTEM32>\attrib.exe' "%TEMP%\Control.exe" -h -r -s
- '<SYSTEM32>\cmd.exe' /c %TEMP%\arg85gcz8wo859h.bat
- <SYSTEM32>\zlib.dll
- <SYSTEM32>\pfhydykx.exe
- %TEMP%\arg85gcz8wo859h.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cfile23.uf@0141BD435181221D39DCF6[1].dll
- %TEMP%\Control.exe
- %TEMP%\HappyServer6.2.exe
- <SYSTEM32>\pfhydykx.exe
- %TEMP%\~DF9D61.tmp
- %TEMP%\Control.exe
- %TEMP%\~DF1FBD.tmp
- 'localhost':1039
- 'localhost':1040
- 'localhost':1036
- 'up#####ii.tistory.com':80
- up#####ii.tistory.com/attachment/cfile23.uf@0141BD435181221D39DCF6.dll
- DNS ASK pd###.egloos.com
- DNS ASK up#####ii.tistory.com
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'