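Техническая информация
Примечание: в этой копии не сохранились подзаголовки списков (запуск процессов, файлы, сеть, окна), поэтому по одному тексту нельзя определить, какие из перечисленных файлов создаются, а какие удаляются. Символы # в именах узлов замещают часть имени, так что для блокировки или поиска по журналам эти записи в таком виде непригодны. Наличие узла в списке (например, localhost или yy.com) само по себе не означает, что он вредоносен.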
- 'C:\2345haozip_kcffeige.exe'
- '<SYSTEM32>\fange\10010793<Имя вируса>.exe' fan
- 'C:\2345haozip_kcffeige.exe' (загружен из сети Интернет)
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- <SYSTEM32>\PastmdMlj.sys
- <SYSTEM32>\fange\superec.ProcessMemory.sys
- C:\2345haozip_kcffeige.exe
- <SYSTEM32>\Past6cM5G.sys
- <Текущая директория>\superec.ProcessMemory.sys
- <SYSTEM32>\fange\10010793<Имя вируса>.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\341wg[1]
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\Past6cM5G.sys
- <SYSTEM32>\PastmdMlj.sys
- <SYSTEM32>\fange\superec.ProcessMemory.sys
Сетевые подключения (узел:порт):
- 'localhost':1045
- 'www.56##z.com':80
- 'ji#####wnload.2345.cn':80
- 'localhost':1046
- 'localhost':1039
- 'www.52##f.cc':80
- 'localhost':1041
- 'www.34##g.com':80
Запрашиваемые URL:
- ji#####wnload.2345.cn/jifen_2345/2345haozip_kcffeige.exe
- www.34##g.com/
- www.52##f.cc/cf.txt
- www.56##z.com/
DNS-запросы:
- DNS ASK www.56##z.com
- DNS ASK ji#####wnload.2345.cn
- DNS ASK yy.com
- DNS ASK www.52##f.cc
- DNS ASK www.34##g.com
- DNS ASK www.ba##u.com
Окна (имя класса и заголовок):
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: 'Microsoft Internet Explorer'