Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ms_2fax] 'Start' = '00000002'
- <SYSTEM32>\67751.exe -s -i
- <SYSTEM32>\rundll32.exe <SYSTEM32>\5c1.dll,Always
- <SYSTEM32>\regsvr32.exe /s "<SYSTEM32>\c671.dll"
- <SYSTEM32>\regsvr32.exe /u /s "<SYSTEM32>\c671.dll"
- <SYSTEM32>\c671.dll
- %WINDIR%\73e1.exe
- <SYSTEM32>\5c1.dll
- %WINDIR%\871.bmp
- <SYSTEM32>\3c47
- <SYSTEM32>\8977-16
- <SYSTEM32>\67751.exe
- %WINDIR%\3ead1.txt
- %TEMP%\ekdrbv\bho.dll.zgx
- %TEMP%\ekdrbv\play.dll.zgx.tmp
- %TEMP%\ekdrbv\setup.tmp
- %TEMP%\ekdrbv\bho.dll.zgx.tmp
- %TEMP%\ekdrbv\ser.exe
- %TEMP%\ekdrbv\_uninstall
- %TEMP%\ekdrbv\play.dll.zgx
- %TEMP%\ekdrbv\ser.exe.tmp
- %TEMP%\ekdrbv\play.dll
- %TEMP%\ekdrbv\bho.dll
- %TEMP%\ekdrbv\_uninstall
- %TEMP%\ekdrbv\ser.exe
- %TEMP%\ekdrbv\play.dll.zgx.tmp
- %TEMP%\ekdrbv\bho.dll.zgx.tmp
- %TEMP%\ekdrbv\setup.tmp
- %TEMP%\ekdrbv\ser.exe.tmp
- '12#.##0304123.cn':80
- 12#.##0304123.cn/ue000/38sw.e?ui#########################
- DNS ASK 12#.##0304123.cn
- DNS ASK ya###.com.cn