Техническая информация
- '<SYSTEM32>\cmd.exe'
- <SYSTEM32>\cmd.exe
- %TEMP%\E_N30005\internet.fne
- %TEMP%\E_N30005\spec.fne
- %TEMP%\E_N30005\shell.fne
- %TEMP%\E_N30005\krnln.fnr
- %TEMP%\E_N30005\HtmlView.fne
- 'ww.#n56.net':80
- 'localhost':1047
- '12#.#25.114.144':80
- 'localhost':1039
- 'www.on#.pw':80
- 'ha#.#50gj.com':80
- http://ww.#n56.net/taihua263/lol.txt
- http://yu#.#aidu.com/share/home?uk########## via 12#.#25.114.144
- http://ha#.#50gj.com/?57####
- http://www.on#.pw/cpa/xfybm.txt
- http://www.on#.pw/cpa/xfkbm.txt
- DNS ASK ww.#n56.net
- DNS ASK yu#.#aidu.com
- DNS ASK www.on#.pw
- DNS ASK ha#.#50gj.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''