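Техническая информация
Ниже перечислены индикаторы из отчёта: командные строки процессов, пути к файлам, сетевые адреса и запросы, а также классы окон. Символ «#» в сетевых адресах, по-видимому, заменяет скрытые символы, поэтому такие строки не стоит использовать как точные значения при поиске.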
- <SYSTEM32>\ping.exe 1.0.0.1 -n
- <SYSTEM32>\cmd.exe /c """%TEMP%\829.bat"" "
- <SYSTEM32>\regsvr32.exe /s <SYSTEM32>\tdnones.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\sogou[1].php
- %TEMP%\829.bat
- <SYSTEM32>\tdnones.dll
- 'ad.#qcb.com':80
- 'localhost':1035
- ad.#qcb.com/sogou.php?id###
- DNS ASK ad.#qcb.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''