Техническая информация
- <SYSTEM32>\dsound.dll файлом <SYSTEM32>\dsound.dll.dat
- <SYSTEM32>\cmd.exe /c """%TEMP%\tempVidio.bat"" "
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://www.92##.com
- %WINDIR%\explorer.exe
- %HOMEPATH%\Favorites\Нв№ТЧч·»ЧКФґХѕ [42724920.ys168.com].url
- %HOMEPATH%\Favorites\Нв№ТЧч·»№Щ·ЅХѕ [www.zuowg.com].url
- %TEMP%\tempVidio.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\92sk[1]
- C:\shezhi92zhuye.ini
- %TEMP%\Temp\111.exe
- %TEMP%\Temp\Л§µВ4.9ёьРВЈЁ4ФВ19єЕЈ©.exe
- %TEMP%\kb638259.sve
- <SYSTEM32>\dsound.dll.dat
- %CommonProgramFiles%\System\kb638259.dla
- %CommonProgramFiles%\System\kb638259.dla
- %TEMP%\Temp\111.exe
- <SYSTEM32>\dsound.dll в <SYSTEM32>\dsound.dll.SFYA
- 'www.92##.com':80
- 'localhost':1034
- www.92##.com/
- DNS ASK www.92##.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''