Техническая информация
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://yy.##owan.com/go.html#7766
- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: 'FileMonClass' WindowName: ''
- NtWriteVirtualMemory, драйвер-обработчик: loveML.sys
- NtReadVirtualMemory, драйвер-обработчик: loveML.sys
- NtQuerySystemInformation, драйвер-обработчик: loveML.sys
- <SYSTEM32>\loveML.sys
- <Текущая директория>\SkinH_EL.dll
- <SYSTEM32>\loveML.sys
- <Текущая директория>\SkinH_EL.dll
- <SYSTEM32>\loveML.sys
- 'yy.##owan.com':80
- 'localhost':1037
- yy.##owan.com/go.html
- DNS ASK yy.##owan.com
- ClassName: '' WindowName: 'TenSafe.exe_3'
- ClassName: '' WindowName: 'Txplatform.exe'
- ClassName: '' WindowName: 'TenSafe.exe_1'
- ClassName: '' WindowName: 'TenSafe.exe_2'
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: '' WindowName: 'tencentdl.exe'
- ClassName: '' WindowName: 'TenioDL.exe'
- ClassName: '18467-41' WindowName: ''
- ClassName: '' WindowName: 'BackgroundDownloader.exe'
- ClassName: '' WindowName: 'TenSafe_2.exe'
- ClassName: '' WindowName: 'TenSafe_3.exe'
- ClassName: '' WindowName: 'TenSafe.exe'
- ClassName: '' WindowName: 'TenSafe_1.exe'