Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'adsmini' = '%WINDIR%\runadsmini.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'adsacquy' = '%WINDIR%\adsclick.exe'
- '%WINDIR%\adsclick.exe'
- '%WINDIR%\runadsmini.exe'
- 'C:\VINACF53\VNPRO.exe'
- 'C:\VINACF53\xfire.xt'
- %WINDIR%\miniads.exe
- %WINDIR%\runadsmini.exe
- %WINDIR%\adsclick.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\preview[1].swf
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\modz.vinacf[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index[1].php
- C:\VINACF53\xfire.xt
- C:\VINACF53\CFPH.XT
- C:\VINACF53\VNPRO.exe
- C:\VINACF53\CFVN1.XT
- C:\VINACF53\CFVN.XT
- %TEMP%\~DF7775.tmp
- 'mo##.vinacf.com':80
- 'ma####.flashobject.info':80
- 'ha##ib.net':80
- 'localhost':1037
- ma####.flashobject.info/preview.swf?id######
- mo##.vinacf.com/
- ha##ib.net/version/index.php
- DNS ASK ma####.flashobject.info
- DNS ASK mo##.vinacf.com
- DNS ASK ha##ib.net
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: '#32770' WindowName: 'Web Browser'
- ClassName: '#32770' WindowName: 'Windows Internet Explorer'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'CrossFire'
- ClassName: 'Indicator' WindowName: '(null)'