Техническая информация
- [<HKLM>\SOFTWARE\Classes\CLSID\{e17d4fc0-5564-11d1-83f2-00a0c90dc849}\Shell\Open\Command] '' = 'explorer.exe h%1t%1t%1p%:%/%/%w%w%w%.%13%12%19%13%13%19%.%1c%1n%/%1?%11'
- <SYSTEM32>\xhqlkaw.exe 205477
- <SYSTEM32>\xhqlkaw.exe (загружен из сети Интернет)
- <SYSTEM32>\ping.exe 127.0.0.1
- <SYSTEM32>\cmd.exe /c <SYSTEM32>\fkapzkk.bat
- <SYSTEM32>\aakuec.bat
- <SYSTEM32>\fkapzkk.bat
- <SYSTEM32>\xhqlkaw.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\329339[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\image[1].jpg
- <SYSTEM32>\tnfndxpn.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\image[1].jpg
- 'www.32##39.cn':80
- 'www.ba##usu.cn':80
- 'localhost':1037
- 'www.ba##usu.cn':8080
- www.ba##usu.cn/nba/image.jpg
- www.32##39.cn/?2
- DNS ASK www.32##39.cn
- DNS ASK www.ba##usu.cn
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''