Техническая информация
- %APPDATA%\Favorite.exe
- <SYSTEM32>\cmd.exe /c \DelUS.bat
- <SYSTEM32>\cmd.exe /c \fivi.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\logexp[1].php
- %TEMP%\nsz2.tmp\DLLWebCount.dll
- %TEMP%\nsz2.tmp\System.dll
- C:\DelUS.bat
- %TEMP%\nsz2.tmp\SelfDelete.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\inst_act[1].php
- C:\fivi.bat
- %HOMEPATH%\Favorites\»х·Оїо јј»уА» ї©ґВ №®, Gё¶ДП.url
- %APPDATA%\domain.txt
- %APPDATA%\Favorite.exe
- %HOMEPATH%\Favorites\јоЗО ЅєЖ®ё®Ж®, 11№ш°Ў.url
- %HOMEPATH%\Favorites\ґзЅЕАМ ГЈґВ ёрµз ЅєЕёАП, їБјЗ.url
- %HOMEPATH%\Favorites\µрѕШјҐ, ЅГБр 2.url
- %TEMP%\nsz2.tmp\DLLWebCount.dll
- %TEMP%\nsz2.tmp\SelfDelete.dll
- %TEMP%\nsz2.tmp\System.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\inst_act[1].php
- %APPDATA%\domain.txt
- %APPDATA%\Favorite.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\logexp[1].php
- 'www.ez##joy.com':80
- 'lo#.##sence.co.kr':80
- www.ez##joy.com/app/inst_act.php?pi##############
- lo#.##sence.co.kr/logexp.php?ai########################
- DNS ASK www.ez##joy.com
- DNS ASK lo#.##sence.co.kr
- ClassName: '' WindowName: 'LogViewer'