Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\BITS] 'Start' = '00000002'
- %PROGRAM_FILES%\Garss.exe "C:\Documents and Settings\QQCRT.DLL" Main
- C:\DNFТ°АЗ.exe
- C:\Server.exe
- %WINDIR%\regedit.exe /s C:\1.reg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\wuye[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\66iu[1]
- C:\1.reg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\3344dnf[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\yelang[1].html
- C:\DNFТ°АЗ.exe
- C:\Server.exe
- %TEMP%\113343_res.tmp
- %PROGRAM_FILES%\Garss.exe
- C:\DNFТ°АЗ.exe
- C:\Server.exe
- C:\1.reg
- 'www.66##.com':80
- 'xq#####6100.gicp.net':8020
- 'localhost':1036
- 'www.33##dnf.com':80
- www.66##.com/wuye.html
- www.66##.com/
- www.33##dnf.com/yelang.html
- www.33##dnf.com/
- DNS ASK xq#####6100.gicp.net
- DNS ASK www.66##.com
- DNS ASK www.33##dnf.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''