Technical Information
- [HKLM\System\CurrentControlSet\Services\ialdnwxf] 'ImagePath' = '<Current directory>\superec.ProcessMemory.sys'
- [HKLM\System\CurrentControlSet\Services\ASTTools] 'ImagePath' = '<Current directory>\SuperDeletor.txt'
- 'ialdnwxf' <Current directory>\\superec.ProcessMemory.sys
- 'ialdnwxf' <Current directory>\superec.ProcessMemory.sys
- 'ASTTools' <Current directory>\SuperDeletor.txt
- <Current directory>\superec.processmemory.sys
- %WINDIR%\temp\udd6af2.tmp
- <Current directory>\superdeletor.txt
- <Current directory>\skinh_el.dll
- <Current directory>\skinh_el.dll
- %WINDIR%\temp\udd6af2.tmp
- <Current directory>\superdeletor.txt
- 'qi####i.gotoip3.com':80
- http://qi####i.gotoip3.com/piao7.asp
- DNS ASK qi####i.gotoip3.com
- ClassName: '' WindowName: ''