Техническая информация
- <SYSTEM32>\dumprep.exe 1568 -dm 7 7 "%TEMP%\WERf1d7.dir00\explorer.exe.hdmp" 16325836412028300
- <SYSTEM32>\rundll32.exe <SYSTEM32>\sysdm.cpl,NoExecuteProcessException %WINDIR%\explorer.exe
- <SYSTEM32>\dumprep.exe 1568 -dm 7 7 "%TEMP%\WERf1d7.dir00\explorer.exe.mdmp" 16325836412028288
- <SYSTEM32>\ping.exe 127.1 /n 2
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE
- %WINDIR%\Explorer.EXE
- %TEMP%\WERf1d7.dir00\appcompat.txt
- %TEMP%\WERf1d7.dir00\manifest.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\c[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\config[1].asp
- <SYSTEM32>\mn.dll
- <SYSTEM32>\gewsfegtws.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\d[1].php
- 'localhost':1040
- 'www.9b##.com':80
- 'c0.##ooker.net':80
- c0.##ooker.net/mn/c.php
- www.9b##.com/mn/config.asp
- c0.##ooker.net/mn/d.php
- DNS ASK www.9b##.com
- DNS ASK c0.##ooker.net
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''