Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Devices Manager] 'Start' = '00000002'
- '%WINDIR%\system\winmgmt.exe'
- '%CommonProgramFiles%\sigver.exe'
- '%CommonProgramFiles%\vip72socks.exe'
- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\user.js
- %WINDIR%\system\winmgmt.exe
- %CommonProgramFiles%\vip72socks.exe
- %CommonProgramFiles%\xxz.dat
- %CommonProgramFiles%\sigver.exe
- 'ex##.ys168.com':80
- ex##.ys168.com/
- DNS ASK ex##.ys168.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''