Техническая информация
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- %TEMP%\nsg28B6.tmp\config.txt
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\kconfig[1].txt
- %PROGRAM_FILES%\їбІҐµзКУ\uninst.exe
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\їбІҐµзКУ\Uninstall.lnk
- %TEMP%\nsg28B6.tmp\nsm5ACF.tmp
- %TEMP%\nsg28B6.tmp\System.dll
- %TEMP%\nsm28A6.tmp
- %TEMP%\nsg28B6.tmp\a.htm
- %TEMP%\nsg28B6.tmp\Inetc.dll
- %TEMP%\nsg28B6.tmp\Inetc.dll
- %TEMP%\nsg28B6.tmp\System.dll
- %TEMP%\nsg28B6.tmp\config.txt
- %TEMP%\nsg28B6.tmp\nsm5ACF.tmp
- %TEMP%\nsg28B6.tmp\a.htm
- 'do####ad.zjject.com':80
- 'kp.###ngqiuhao.com':80
- do####ad.zjject.com/kconfig.txt
- kp.###ngqiuhao.com/kip.php
- DNS ASK do####ad.zjject.com
- DNS ASK kp.###ngqiuhao.com
- ClassName: 'CicLoaderWndClass' WindowName: '(null)'