Техническая информация
- <SYSTEM32>\RkwDNMC\XRTggfF.exe
- <SYSTEM32>\XRTggfF\RkwDNMC.exe
- C:\zRzqfeC.exe
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://dd#.####bnmzxcvbnm.com:9999/Chinagogogogo.ashx?Ma###############################################################
- C:\R3yTfiJ1LeKmHn4.tmp10
- <SYSTEM32>\ttao.ico
- C:\q1xkbiD3DfH1SpV.tmp9
- C:\o75IhKtOoS7W31i.tmp7
- C:\Y1y4GAK0bGjQw0E.tmp8
- <SYSTEM32>\XRTggfF\cacls.exe
- <SYSTEM32>\XRTggfF\attrib.exe
- <SYSTEM32>\xzws.ico
- <SYSTEM32>\dydy.ico
- <SYSTEM32>\xyxs.ico
- C:\EscfUCx.bat
- C:\epYJ6gpX17M0Hwc.tmp1
- <SYSTEM32>\RkwDNMC\XRTggfF.exe
- C:\zRzqfeC.exe
- <SYSTEM32>\XRTggfF\RkwDNMC.exe
- C:\wEvm0DjMIfmdRbR.tmp5
- C:\g6m40FiFboTaza1.tmp6
- C:\EfaYXTgHtddepKh.tmp4
- C:\t18Fj7DRyA4gQHP.tmp2
- C:\6OvlFJpjROiHKyC.tmp3
- <SYSTEM32>\RkwDNMC\XRTggfF.exe
- <SYSTEM32>\XRTggfF\RkwDNMC.exe
- 'dd#.###vbnmzxcvbnm.com':9999
- 'localhost':1033
- DNS ASK dd#.###vbnmzxcvbnm.com
- '10.#.1.1':1034
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''