Техническая информация
- C:\·Йіµ№«ЧУОЮПЮЕзµАѕЯГвТЯv9.8Гв·С°ж.exe
- C:\dsu.exe
- <SYSTEM32>\rundll32.exe "C:\Remoete.dll" cankewangluo
- <SYSTEM32>\taskkill.exe /f /t /im rundll32.exe
- <SYSTEM32>\taskkill.exe /f /im KsafeTray.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\kx136[1]
- C:\Remoete.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\x5gg[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\wg0008[1]
- C:\·Йіµ№«ЧУОЮПЮЕзµАѕЯГвТЯv9.8Гв·С°ж.exe
- C:\dsu.exe
- C:\superec.ProcessMemory.sys
- %TEMP%\122984_res.tmp
- C:\superec.ProcessMemory.sys
- 'www.wg##08.com':80
- 'gg####521.3322.org':1990
- 'www.x5##.net':80
- 'localhost':1036
- 'www.kx##6.com':80
- 'www.pp##89.com':80
- www.wg##08.com/
- www.x5##.net/
- www.pp##89.com/109.txt
- www.kx##6.com/
- DNS ASK gg####521.3322.org
- DNS ASK www.x5##.net
- DNS ASK www.wg##08.com
- DNS ASK www.kx##6.com
- DNS ASK www.pp##89.com
- ClassName: '#32770' WindowName: 'Windows ??????????'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '#32770' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''