Техническая информация
- '<SYSTEM32>\regsvr32.exe' /s "%TEMP%\~DFA6158.tmp"
- '<SYSTEM32>\regsvr32.exe' /s "%TEMP%\~DFA9388.tmp"
- '<SYSTEM32>\regsvr32.exe' /s "<SYSTEM32>\mswinsck.ocx"
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\file[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\file[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\file[1].txt
- %TEMP%\3916.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\dezhou[1].ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\file[2].txt
- %TEMP%\DFA5786.tmp
- <SYSTEM32>\mswinsck.ocx
- %WINDIR%\sys.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\file[1].txt
- %TEMP%\~DFA9A3C.TMP
- %TEMP%\~DFA9388.tmp
- %TEMP%\3916.dat
- %TEMP%\DFA5786.tmp
- 'www.v3##.net':80
- 'www.ah##.net':80
- 'us##.yswm.net':80
- 'www.v1##.net':80
- 'localhost':1035
- 'www.pc##8.net':80
- 'www.ys##.net':80
- www.v3##.net/file.txt
- www.ah##.net/file.txt
- us##.yswm.net/yswm/dezhou.ini
- www.pc##8.net/file.txt
- www.ys##.net/file.txt
- www.v1##.net/file.txt
- DNS ASK www.v3##.net
- DNS ASK www.ah##.net
- DNS ASK us##.yswm.net
- DNS ASK www.pc##8.net
- DNS ASK www.ys##.net
- DNS ASK www.v1##.net