Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WinQvod] 'Start' = '00000002'
- '%CommonProgramFiles%\Microsoft Shared\MSInfo\QQMin.exe'
- '%TEMP%\Sx_server.exe'
- '%TEMP%\ЦРНшV5.8Л«ПЯЧЁУГ°жіхКј»Ї№¤ѕЯ.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\iplookup[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\yywuming[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\s[1]
- %TEMP%\ЦРНшV5.8Л«ПЯЧЁУГ°жіхКј»Ї№¤ѕЯ.exe
- %TEMP%\Sx_server.exe
- %CommonProgramFiles%\Microsoft Shared\MSInfo\QQMin.exe
- %CommonProgramFiles%\Microsoft Shared\MSInfo\QQMin.exe
- 'www.ba##u.com':80
- 'sh######g5201314.xicp.net':8010
- 'www.yy###ing.com':80
- 'localhost':1036
- 'in#.###ol.sina.com.cn':80
- www.ba##u.com/s?wd###################################################################
- www.yy###ing.com/
- in#.###ol.sina.com.cn/iplookup/iplookup.php?fo###########
- DNS ASK www.ba##u.com
- DNS ASK sh######g5201314.xicp.net
- DNS ASK .#.
- DNS ASK in#.###ol.sina.com.cn
- DNS ASK www.yy###ing.com
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'TAppBuilder' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''