Техническая информация
- %PROGRAM_FILES%\Garss.exe "C:\Documents and Settings\QQCRT.DLL" Main
- %HOMEPATH%\Start Menu\X.exe
- C:\Server.exe
- C:\DNFТЭЅз.exe
- <SYSTEM32>\rundll32.exe cryptext.dll,CryptExtAddCER %WINDIR%\Windows.cer
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\DNFqingc[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\xiazdiz[1].html
- %TEMP%\253453_res.tmp
- <SYSTEM32>\keylog.dat
- %TEMP%\253484_res.tmp
- C:\DNFТЭЅз.exe
- C:\Server.exe
- %PROGRAM_FILES%\Garss.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\dnfkule[1]
- %TEMP%\219171_res.tmp
- C:\DNFТЭЅз.exe
- C:\Server.exe
- %TEMP%\253484_res.tmp в %WINDIR%\Windows.cer
- C:\<Служебное имя>rary.exe в %HOMEPATH%\Start Menu\X.exe
- %TEMP%\253453_res.tmp в C:\<Служебное имя>rary.exe
- C:\Server.exe в %PROGRAM_FILES%\QQ.EXE
- %TEMP%\219171_res.tmp в C:\Documents and Settings\QQCRT.DLL
- 'an####858.gicp.net':8070
- 'www.dn###ngc.com':80
- 'localhost':1036
- 'www.dn##ule.com':80
- www.dn###ngc.com/DNFqingc.html
- www.dn##ule.com/xiazdiz.html
- www.dn##ule.com/
- DNS ASK www.dn###ngc.com
- DNS ASK an####858.gicp.net
- DNS ASK www.dn##ule.com
- ClassName: '#32770' WindowName: '????????????'
- ClassName: '#32770' WindowName: '????????'
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''