Техническая информация
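Параметры служб в реестре; ImagePath обеих служб указывает на файлы с нетипичными для исполняемых модулей расширениями (.txt, .TP):
- [<HKLM>\SYSTEM\ControlSet001\Services\ASTTools] 'ImagePath' = '<Текущая директория>\SuperDeletor.txt'
- [<HKLM>\SYSTEM\ControlSet001\Services\Lazyer05] 'ImagePath' = '%TEMP%\1C28A92.TP'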
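Классы окон утилит мониторинга Filemon и Regmon (Sysinternals); по-видимому, проверка наличия средств анализа:
- ClassName: 'Filemonclass' WindowName: ''
- ClassName: 'Regmonclass' WindowName: ''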
- %TEMP%\1C28A92.TP
- <Текущая директория>\SuperDeletor.txt
- <SYSTEM32>\xilehlp.dll
- <SYSTEM32>\xulehlp.dll
- <Текущая директория>\SuperDeletor.txt
- %TEMP%\1C28A92.TP
- <Полный путь к файлу>
- из <Полный путь к файлу> в %TEMP%\29476.tmp
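Сетевые адреса и запросы (часть имени домена в записи скрыта символами «##», поэтому в таком виде оно не подходит для точного сопоставления):
- 'www.gs##y.net':80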
- 'localhost':1036
- http://www.gs##y.net/
- http://www.gs##y.net/user/piaoyh.asp
- DNS ASK www.gs##y.net
- ClassName: '' WindowName: 'TASLogin.exe'
- ClassName: '' WindowName: 'Tencentdl.exe'
- ClassName: '' WindowName: 'TXPlatform.exe'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: '' WindowName: 'BaofengPlatform.exe'
- ClassName: '18467-41' WindowName: ''
- ClassName: '4823-00000029' WindowName: ''
- ClassName: '' WindowName: 'EXCEL.EXE'
- ClassName: '' WindowName: 'conime.exe'
- ClassName: '' WindowName: 'BFAssistantSvc_Old.exe_del_old'