Техническая информация
- '%TEMP%\SK-Count.exe'
- '%WINDIR%\mPsUhFf.exe'
- '%WINDIR%\JmohjgI.exe'
- '%TEMP%\DNF_SK.exe'
- '%TEMP%\DNF_03.exe'
- '%TEMP%\QQ_UP.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\delself.bat" "
- dnf.exe
- %TEMP%\ComD.tmp
- %TEMP%\wwpGW.JoG
- %TEMP%\jvFwc.dIc
- <SYSTEM32>\jvFwc.dIc
- <SYSTEM32>\wwpGW.JoG
- %ALLUSERSPROFILE%\Application Data\LocalToolList.dat
- <SYSTEM32>\dllcache\mshtml.dll
- %TEMP%\delself.bat
- %TEMP%\QQ_UP.exe
- %TEMP%\ComA.tmp
- %TEMP%\DNF_SK.exe
- %TEMP%\DNF_03.exe
- %WINDIR%\mPsUhFf.exe
- %WINDIR%\JmohjgI.exe
- %TEMP%\ComC.tmp
- %TEMP%\SK-Count.exe
- %TEMP%\ComB.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\LocalToolList[1].dat
- %ALLUSERSPROFILE%\Application Data\LocalToolList.dat
- %TEMP%\DNF_03.exe
- <SYSTEM32>\mshtml.dll в <SYSTEM32>\mshtml.dllmRDBo
- <SYSTEM32>\dllcache\mshtml.dll в <SYSTEM32>\dllcache\mshtml.dllmRDBo
- <SYSTEM32>\mshtml.dll.mod в <SYSTEM32>\mshtml.dll
- 'to##.duowan.com':80
- 'ff#.#zctt.com':88
- 'localhost':1039
- 'localhost':1041
- to##.duowan.com/box/BoxConfig/LocalToolList.dat
- DNS ASK ff#.#zctt.com
- DNS ASK to##.duowan.com
- ClassName: 'TWINCONTROL' WindowName: 'µШПВіЗУлУВКї'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'TWINCONTROL' WindowName: '????????????'
- ClassName: '54321' WindowName: '12345'
- ClassName: '' WindowName: '12345'