Техническая информация
- %TEMP%\dnf.exe.exe
- %TEMP%\xueer.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\xueer2012[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\baidu[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\xiaomengmeng[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\s[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\xhm2012[1]
- %TEMP%\$filenumber.txt
- %TEMP%\$filenumbere.txt
- %TEMP%\xueer.exe
- %TEMP%\superec.ProcessMemory.sys
- %TEMP%\dnf.exe.exe
- %TEMP%\superec.ProcessMemory.sys
- %TEMP%\$filenumber.txt
- %TEMP%\$filenumbere.txt
- 'ba##u.com':80
- 'www.xi####ngmeng.com':80
- 'www.xh##012.com':80
- 'www.xu###2012.com':80
- 'localhost':1035
- 'localhost':1036
- 'xm##t.com':80
- www.xi####ngmeng.com/
- www.xh##012.com/
- ba##u.com/s?wd#
- xm##t.com/bd/MX/T.php?go######
- ba##u.com/
- www.xu###2012.com/
- DNS ASK www.xh##012.com
- DNS ASK www.xi####ngmeng.com
- DNS ASK www.ba##u.com
- DNS ASK xm##t.com
- DNS ASK www.xu###2012.com
- DNS ASK ba##u.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''