Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\star.lnk
- %WINDIR%\Tasks\ms.job
- [<HKLM>\SYSTEM\ControlSet001\Services\Schedule] 'Start' = '00000002'
- <SYSTEM32>\rundll32.exe <SYSTEM32>/ffde.dll, Always
- %TEMP%\h8nil4o8\2.dll
- <SYSTEM32>\02afc
- <SYSTEM32>\83-105-7163
- %TEMP%\h8nil4o8\_uninstall
- %TEMP%\h8nil4o8\z.lz
- %TEMP%\h8nil4o8\p.dll.zgx.tmp
- %TEMP%\h8nil4o8\p.dll.zgx
- %TEMP%\h8nil4o8\_uninstall
- %TEMP%\h8nil4o8\z.lz
- %TEMP%\h8nil4o8\p.dll.zgx.tmp
- '12#.#apl55.com':80
- '12#.#ant-k.com':80
- '12#.##0304123.cn':80
- '12#.zzso.cn':80
- 12#.#apl55.com/1.gif
- 12#.#ant-k.com/1.gif
- 12#.##0304123.cn/1.gif
- 12#.zzso.cn/1.gif
- DNS ASK 12#.zzso.cn
- DNS ASK 12#.#apl55.com
- DNS ASK 12#.#ant-k.com
- DNS ASK ya###.com.cn
- DNS ASK 12#.##0304123.cn
- '<IP-адрес в локальной сети>':1035