Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Microsoftjrq] 'Start' = '00000002'
- %WINDIR%\Iedia\svchost.exe
- <SYSTEM32>\1.exe
- <SYSTEM32>\Men32.exe
- <SYSTEM32>\svchost.exe -k netsvcs
- %WINDIR%\Help\windows32.txt
- %TEMP%\XX102921nd.temp
- %WINDIR%\Iedia\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\st520[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cfaomo[1]
- %WINDIR%\XHJ38.reg
- <SYSTEM32>\Men32.exe
- <Текущая директория>\superec.ProcessMemory.sys
- %WINDIR%\MyInformations.ini
- <SYSTEM32>\1.exe
- %WINDIR%\XHJ38.txt
- <SYSTEM32>\Men32.exe
- %WINDIR%\Help\windows32.txt
- <SYSTEM32>\1.exe
- %WINDIR%\XHJ38.txt
- %WINDIR%\XHJ38.reg
- %WINDIR%\MyInformations.ini
- 'www.st##0.net':80
- 'www.cf##mo.com':80
- 'localhost':1035
- www.st##0.net/?qq##
- www.cf##mo.com/?qq##
- DNS ASK cf###o.3322.org
- DNS ASK us##.#zone.qq.com
- DNS ASK so###a.2288.org
- DNS ASK www.st##0.net
- DNS ASK www.cf##mo.com
- DNS ASK www.ba##u.com
- '<IP-адрес в локальной сети>':1038
- '<IP-адрес в локальной сети>':1037
- '<IP-адрес в локальной сети>':1036
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''