Technical Information
- '<SYSTEM32>\regsvr32.exe' <SYSTEM32>\Microrui.dll /s
- '<SYSTEM32>\regsvr32.exe' <SYSTEM32>\dm.dll /s
- [<HKLM>\SOFTWARE\Classes\CLSID\{8C619547-6AE5-445E-B425-322C36AFCEF1}\InprocServer32] '' = '<SYSTEM32>\Microrui.dll'
- [<HKLM>\SOFTWARE\Classes\CLSID\{26037A0E-7CBD-4FFF-9C63-56F2D0770214}\InprocServer32] '' = '<SYSTEM32>\dm.dll'
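- ClassName: 'Filemonclass', WindowName: '' (matches the window class of the Sysinternals Filemon monitoring tool; presumably an analysis-tool check)
- ClassName: 'Regmonclass', WindowName: '' (matches the window class of the Sysinternals Regmon monitoring tool; presumably an analysis-tool check)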
- <SYSTEM32>\dm.dll
- <SYSTEM32>\Microrui.dll
- %TEMP%\22d13.tmp
- %TEMP%\22224.tmp
- %TEMP%\227c3.tmp
- %TEMP%\22d13.tmp
- %TEMP%\227c3.tmp
- %TEMP%\22224.tmp
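- 'jd####hwl.plyz.net':80 (the '####' appears to be masking applied by the publisher; the full host name is not given on this page, so match on the visible parts only)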
- 'localhost':1039
- http://jd####hwl.plyz.net/wuwei1.5/piaoyh.asp
- DNS ASK jd####hwl.plyz.net
- ClassName: '', WindowName: ''
- ClassName: 'Shell_TrayWnd', WindowName: ''
- ClassName: '4823-00000029', WindowName: ''
- ClassName: '18467-41', WindowName: ''