Техническая информация
- <SYSTEM32>\dsound.dll файлом <SYSTEM32>\dsound.dll.dat
- <SYSTEM32>\dllcache\dsound.dll файлом <SYSTEM32>\dllcache\dsound.dll
- %TEMP%\Temp\server.exe
- %TEMP%\Temp\XHD.exe
- <SYSTEM32>\rundll32.exe url.dll,FileProtocolHandler http://www.24###ohu.com/
- <SYSTEM32>\cmd.exe /c ""%TEMP%\tempVidio.bat" "
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Favorites\Нв№ТЧч·»№Щ·ЅХѕ [www.zuowg.com].url
- %TEMP%\tempVidio.bat
- %HOMEPATH%\Favorites\Нв№ТЧч·»ЧКФґХѕ [42724920.ys168.com].url
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\24xiaohu[1]
- C:\XHD.ini
- %TEMP%\Temp\server.exe
- %TEMP%\Temp\XHD.exe
- %TEMP%\kb573309.sve
- %CommonProgramFiles%\System\kb573309.dla
- %CommonProgramFiles%\System\kb573309.dla
- %TEMP%\Temp\server.exe
- %HOMEPATH%\Favorites\Нв№ТЧч·»ЧКФґХѕ [42724920.ys168.com].url
- %HOMEPATH%\Favorites\Нв№ТЧч·»№Щ·ЅХѕ [www.zuowg.com].url
- <SYSTEM32>\dllcache\dsound.dll в <SYSTEM32>\dllcache\dsound.dll.RAHB
- <SYSTEM32>\dsound.dll в <SYSTEM32>\dsound.dll.RAHB
- 'localhost':1038
- 'www.24###ohu.com':80
- www.24###ohu.com/
- www.24###ohu.com/???#####
- DNS ASK www.24###ohu.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''