Техническая информация
- %WINDIR%\explorer.exe
- <SYSTEM32>\rundll32.exe "%TEMP%\Z8Rd23hf.dll," CdapiInit QuickAuthenticationNotifier
- <SYSTEM32>\rundll32.exe "%TEMP%\cg28wCfR.dll,DllUnregisterServer" install
- %TEMP%\LrC6M8cq
- %TEMP%\Z8Rd23hf.dll
- %TEMP%\nsd2.tmp\SelfDel.dll
- %TEMP%\cg28wCfR.dll
- %TEMP%\nsd2.tmp\GetVersion.dll
- %TEMP%\nsd2.tmp\System.dll
- %TEMP%\nsd2.tmp\inetc.dll
- %TEMP%\nsd2.tmp\SelfDel.dll
- %TEMP%\nsd2.tmp\System.dll
- %TEMP%\nsd2.tmp\GetVersion.dll
- %TEMP%\nsd2.tmp\inetc.dll
- 'up######.perlandmon.co.cc':80
- up######.perlandmon.co.cc/CTmnNVzgPa+CZHNHn5GJWPgmUwH/kv/e+KRXcp5qocnu9dTUw+ZvV58i
- up######.perlandmon.co.cc/NHdL8czfj+v3K7z751TBnhw+tyabo++qTj/Q+OA0JOzvmc0LU6KKXDAe/CYEJQijRvr1RjUS++kxnIV4cnPvjNbZ664GCOYQ/8Ek3cjD+wc=
- up######.perlandmon.co.cc/rwQPCmMqihNVcXRVITCT5cBHvLIPE3FDsSekpUehAFzBAL+dVPjw8ILVSQUhKbKa+2sJh/1J22tWA+5W
- DNS ASK up######.perlandmon.co.cc
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''