Technical information
- '%WINDIR%\syswow64\net.exe' stop Netmen
- '%WINDIR%\syswow64\net.exe' stop Netmenc
- '%WINDIR%\syswow64\net.exe' stop NetDDESRV
- '%WINDIR%\syswow64\net.exe' stop NetDDESS
- %WINDIR%\syswow64\drmgs.sys
- %WINDIR%\syswow64\comsa64.sys
- 'vp#.#oulei.net':80
- 'vp#.#eb969.com':80
- http://vp#.#oulei.net/netmen/netmen.bin
- http://vp#.#eb969.com/netmen/netmen.bin
- DNS ASK vp#.#oulei.net
- DNS ASK vp#.#eb969.com
- ClassName: '' WindowName: 'ZCbOa77WHIQ7WHIQ7WHIQ7......AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHIQ7WHIQ7WHHV1jXE..........ZZZ'
- ClassName: '' WindowName: '主动防御 信息'
- ClassName: '' WindowName: '主动防御 警告'
- ClassName: '' WindowName: '主动防御'
- ClassName: '' WindowName: '警报 - 卡巴斯基反病毒软件 2009'
- ClassName: '#32770' WindowName: ''
- ClassName: 'Afx:400000:0' WindowName: ''
- ClassName: '#32770' WindowName: '瑞星注册表监控提示'
- ClassName: '#32770' WindowName: 'IE 执行保护'
- ClassName: '#32770' WindowName: 'IE执行保护'
- ClassName: '#32770' WindowName: '瑞星卡卡上网安全助手 - IE防漏墙'
- '%WINDIR%\syswow64\net.exe' stop Netmen (with hidden window)
- '%WINDIR%\syswow64\net.exe' stop Netmenc (with hidden window)
- '%WINDIR%\syswow64\net.exe' stop NetDDESRV (with hidden window)
- '%WINDIR%\syswow64\net.exe' stop NetDDESS (with hidden window)
- '%WINDIR%\syswow64\net1.exe' stop Netmen
- '%WINDIR%\syswow64\net1.exe' stop Netmenc
- '%WINDIR%\syswow64\net1.exe' stop NetDDESRV
- '%WINDIR%\syswow64\net1.exe' stop NetDDESS