Technical information
- [<HKLM>\SYSTEM\ControlSet001\Services\NVidiaTWBGSrv] 'Start' = '00000002'
- User Account Control (UAC)
- %ALLUSERSPROFILE%\Application Data\MIKVKYZOF\InstallConfig.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\detail[1]
- %TEMP%\ServerUrl.tmp
- %ALLUSERSPROFILE%\Application Data\WIKVKYZOF\Zhezi.exe
- %TEMP%\aut1.tmp
- %ALLUSERSPROFILE%\Application Data\WIKVKYZOF\IKVKYZOF.exe
- %TEMP%\aut2.tmp
- %ALLUSERSPROFILE%\Application Data\MIKVKYZOF\InstallConfig.dat
- %TEMP%\ServerUrl.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- '12#.#25.114.144':80
- 12#.#25.114.144/p/q22223344/detail
- DNS ASK q2#####44.blog.163.com
- DNS ASK www.ba##u.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'