Техническая информация
- '<SYSTEM32>\rundll32.exe' "%APPDATA%\HIajVtlXDbvOZykbTKi\RsMtNhBVBpJpJdxeL.dll" ELoadEx L8HKgoy1/NuxU8NHKyDWVg==
- %APPDATA%\xTcYhdmoxAJFOQZbe\GNnauQtPlH
- %APPDATA%\YC\Res\YCIEMini.exe
- %APPDATA%\KZTowDLmuCKY\stGMaagANTmtGGghbBCwDJXkflsST
- %APPDATA%\HIajVtlXDbvOZykbTKi\RsMtNhBVBpJpJdxeL.dll
- %APPDATA%\xTcYhdmoxAJFOQZbe\GNnauQtPlH.tmp
- %APPDATA%\KZTowDLmuCKY\stGMaagANTmtGGghbBCwDJXkflsST.tmp
- %APPDATA%\HIajVtlXDbvOZykbTKi\RsMtNhBVBpJpJdxeL.dll в %APPDATA%\HIajVtlXDbvOZykbTKi\RsMtNhBVBpJpJdxeL.dll.tmp
- %APPDATA%\HIajVtlXDbvOZykbTKi\RsMtNhBVBpJpJdxeL.dll.tmp в %APPDATA%\HIajVtlXDbvOZykbTKi\RsMtNhBVBpJpJdxeL.dll
- %APPDATA%\KZTowDLmuCKY\stGMaagANTmtGGghbBCwDJXkflsST в %APPDATA%\KZTowDLmuCKY\stGMaagANTmtGGghbBCwDJXkflsST.tmp
- %APPDATA%\xTcYhdmoxAJFOQZbe\GNnauQtPlH в %APPDATA%\xTcYhdmoxAJFOQZbe\GNnauQtPlH.tmp
- 'cd#.#1tyx.cn':443
- 'pi#.#f120.com':8100
- 'www.16#.com':80
- www.16#.com/404.html
- DNS ASK pi#.#f120.com
- DNS ASK cd#.#1tyx.cn
- DNS ASK www.16#.com
- DNS ASK ud#.#1tyx.cn
- ClassName: 'SysListView32' WindowName: '(null)'
- ClassName: 'STATIC' WindowName: '00000594_PID_FastMM_BE'
- ClassName: 'SHELLDLL_DefView' WindowName: '(null)'
- ClassName: 'STATIC' WindowName: '00000B30_PID_FastMM_BE'
- ClassName: 'Progman' WindowName: '(null)'