Техническая информация
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\dm.dll
- '<SYSTEM32>\regsvr32.exe' MSWINSCK.OCX /s
- '<SYSTEM32>\cmd.exe' /c ""<SYSTEM32>\deltmp.bat" "
- '<SYSTEM32>\rasphone.exe' -d 宽带连接
- '<SYSTEM32>\shutdown.exe' -r -t 0
- <SYSTEM32>\dnf222.txt
- <SYSTEM32>\volumeid.exe
- <SYSTEM32>\dialupass.exe
- <SYSTEM32>\deltmp.bat
- <Текущая директория>\IPset.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\FVEGUMGC\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\QLYFIVYZ\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YQWAKLDJ\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\WXYN4LAB\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\FVEGUMGC\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\QLYFIVYZ\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YQWAKLDJ\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\WXYN4LAB\desktop.ini
- 'localhost':1044
- '<IP-адрес в локальной сети>':81
- DNS ASK www.so##.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'qqlogin.exe'
- ClassName: '(null)' WindowName: 'Microsoft Windows'
- ClassName: '(null)' WindowName: 'Madu.exe'
- ClassName: '(null)' WindowName: '?????? - Microsoft Windows'
- ClassName: '(null)' WindowName: 'DNF.exe - ??????'
- ClassName: 'WTWindow' WindowName: '(null)'