Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\AudioEndpointBuilder] 'ImagePath' = '%WINDIR%\AudioEndpointBuilder.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\AudioEndpointBuilder] 'Start' = '00000002'
- 'C:\Picture.exe' (загружен из сети Интернет)
- 'C:\Picture.exe'
- '%WINDIR%\AudioEndpointBuilder.exe'
- C:\Picture.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\8.96[1].exe
- %WINDIR%\AudioEndpointBuilder.exe
- 'us###.qzone.qq.com':80
- '36####fi.meibu.net':6666
- '12#.#32.11.106':80
- http://us###.qzone.qq.com/fcg-bin/cgi_get_portrait.fcg?ui###########
- http://12#.#32.11.106/8.96.exe
- DNS ASK us###.qzone.qq.com
- DNS ASK 36####fi.meibu.net