Техническая информация
- %PROGRAM_FILES%\Garss.exe "C:\Documents and Settings\QQCRT.DLL" Main
- %HOMEPATH%\Start Menu\X.exe
- C:\Server.exe
- C:\ГЬВлёґЦЖ.exe
- <SYSTEM32>\rundll32.exe cryptext.dll,CryptExtAddCER %WINDIR%\Windows.cer
- %TEMP%\176015_res.tmp
- <SYSTEM32>\superec.io.sys
- <SYSTEM32>\keylog.dat
- %TEMP%\176046_res.tmp
- C:\ГЬВлёґЦЖ.exe
- C:\Server.exe
- %TEMP%\143796_res.tmp
- %PROGRAM_FILES%\Garss.exe
- C:\ГЬВлёґЦЖ.exe
- C:\Server.exe
- %TEMP%\176046_res.tmp в %WINDIR%\Windows.cer
- C:\<Служебное имя>rary.exe в %HOMEPATH%\Start Menu\X.exe
- %TEMP%\176015_res.tmp в C:\<Служебное имя>rary.exe
- C:\Server.exe в %PROGRAM_FILES%\QQ.EXE
- %TEMP%\143796_res.tmp в C:\Documents and Settings\QQCRT.DLL
- 'cq####aa.gicp.net':8010
- DNS ASK cq####aa.gicp.net
- ClassName: '#32770' WindowName: '????????'
- ClassName: '#32770' WindowName: '????????????'
- ClassName: 'Shell_TrayWnd' WindowName: ''