Техническая информация
- '<SYSTEM32>\regsvr32.exe' /s "%TEMP%\~DFA2515.tmp"
- '<SYSTEM32>\regsvr32.exe' /s "%TEMP%\~DFA7453.tmp"
- '<SYSTEM32>\regsvr32.exe' /s "<SYSTEM32>\mswinsck.ocx"
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\file[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\file[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\file[1].txt
- %TEMP%\3160.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\taian[1].ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\file[2].txt
- <SYSTEM32>\mswinsck.ocx
- %WINDIR%\sys.dat
- %TEMP%\DFA7775.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\file[1].txt
- %TEMP%\~DFA7453.tmp
- %TEMP%\3160.dat
- %TEMP%\DFA7775.tmp
- 'www.v3##.net':80
- 'www.ah##.net':80
- 'us##.yswm.net':80
- 'www.v1##.net':80
- 'localhost':1035
- 'www.pc##8.net':80
- 'www.ys##.net':80
- www.v3##.net/file.txt
- www.ah##.net/file.txt
- us##.yswm.net/yswm/taian.ini
- www.pc##8.net/file.txt
- www.ys##.net/file.txt
- www.v1##.net/file.txt
- DNS ASK www.v3##.net
- DNS ASK www.ah##.net
- DNS ASK us##.yswm.net
- DNS ASK www.pc##8.net
- DNS ASK www.ys##.net
- DNS ASK www.v1##.net