Техническая информация
- Cредство проверки системных файлов (SFC)
- '%WINDIR%\Temp\panlong.exe'
- '%WINDIR%\Temp\dnf.exe'
- '%WINDIR%\Temp\dn.exe'
- '<SYSTEM32>\net.exe' stop dhcp
- '<SYSTEM32>\net1.exe' stop dhcp
- '<SYSTEM32>\rundll32.exe' "%PROGRAM_FILES%\Azalea.ime",Runed
- '<SYSTEM32>\sfc.exe' /REVERT
- '<SYSTEM32>\cmd.exe' /c c:\del.bat
- %PROGRAM_FILES%\taskmgrnn.upx
- %PROGRAM_FILES%\Orchid.ime
- %PROGRAM_FILES%\Tulip.ime
- C:\del.bat
- %PROGRAM_FILES%\Sunflower.ime
- <SYSTEM32>\systemp
- %WINDIR%\Temp\dn.exe
- %WINDIR%\Temp\dnf.exe
- %WINDIR%\Temp\panlong.exe
- %PROGRAM_FILES%\Lily.ime
- %PROGRAM_FILES%\Azalea.ime
- <SYSTEM32>\sfcos.dll
- %WINDIR%\Temp\dnf.exe
- %WINDIR%\Temp\dn.exe в C:\RECYCLER\183531.tmp
- 'www.si##.com.cn':80
- www.si##.com.cn/
- DNS ASK www.si##.com.cn
- 'localhost':1053
- '23#.#55.255.250':1900
- ClassName: 'AutoHotkey' WindowName: '%WINDIR%\Temp\panlong.exe'
- ClassName: '#32771' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''