Техническая информация
- C:\NMService1.exe
- %TEMP%\xjm.exe
- C:\NMService.exe
- %TEMP%\0405.vmp.exe
- <SYSTEM32>\winlogon.exe
- <SYSTEM32>\winlogon.exe
- C:\NMService1.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\212344269201291082556362[1]
- %TEMP%\xjm.exe
- C:\NMService.exe
- %TEMP%\0405.vmp.exe
- 'ch######fuzhu.blog.163.com':80
- 'hi.##idu.com':80
- ch######fuzhu.blog.163.com/blog/static/212344269201291082556362/
- hi.##idu.com/qq380000002/item/db4d622f488512e5a5275a3a
- DNS ASK ch######fuzhu.blog.163.com
- DNS ASK hi.##idu.com
- ClassName: 'Shell_TrayWnd' WindowName: ''