Technical Information
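- Commands executed (`taskkill /f /im <name>` forcibly terminates every process with that image name; the names below are associated with antivirus products such as McAfee, 360 Safe, Rising, Kaspersky and Jiangmin, so this is an attempt to disable endpoint protection):
- '<SYSTEM32>\taskkill.exe' /f /im Mcshield.exe
- '<SYSTEM32>\taskkill.exe' /f /im VsTskMgr.exe
- '<SYSTEM32>\taskkill.exe' /f /im 360tray.exe
- '<SYSTEM32>\taskkill.exe' /f /im Ravmon.exe
- '<SYSTEM32>\taskkill.exe' /f /im kavsvc.exe
- '<SYSTEM32>\taskkill.exe' /f /im KVXP.kxp
- '<SYSTEM32>\taskkill.exe' /f /im Rav.exe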
- 360tray.exe
- %WINDIR%\empty.exe
- <Current directory>\jedata.dll
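- Network activity (`#` is not a valid character in a host name or IPv4 address; it appears to be masking applied by the publisher, so these values cannot be matched verbatim as indicators):
- 'ku#o.cn':80
- 'localhost':1040
- '12#.#25.114.144':80
- http://www.ku#o.cn/yinyue/461660/ via ku#o.cn
- http://www.ba##u.com/ via 12#.#25.114.144
- DNS ASK www.ku#o.cn
- DNS ASK www.ba##u.com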
- ClassName: 'SysDateTimePick32' WindowName: ''
- ClassName: 'SysIPAddress32' WindowName: ''
- ClassName: 'SysTreeView32' WindowName: ''
- ClassName: 'msctls_updown32' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'SysHeader32' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- ClassName: 'Edit' WindowName: ''
- ClassName: 'BUTTON' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'ComboBox' WindowName: ''
- ClassName: 'ListBox' WindowName: ''
- ClassName: 'msctls_progress32' WindowName: ''
- ClassName: 'msctls_trackbar32' WindowName: ''
- '%WINDIR%\empty.exe' 2884