Техническая информация
- <SYSTEM32>\dsound.dll файлом <SYSTEM32>\dsound.dll.dat
- <SYSTEM32>\cmd.exe /c """%TEMP%\tempVidio.bat"" "
- <SYSTEM32>\winlogon.exe
- <SYSTEM32>\dsound.dll.dat
- %TEMP%\tempVidio.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\wg79[1]
- %CommonProgramFiles%\System\kb644241.dla
- %TEMP%\Temp\CSOLП¬АыжЉЧоЦХ°ж.exe
- %TEMP%\Temp\server.exe
- %TEMP%\kb644241.sve
- %CommonProgramFiles%\System\kb644241.dla
- %TEMP%\Temp\server.exe
- <SYSTEM32>\dsound.dll в <SYSTEM32>\dsound.dll.HYYC
- 'localhost':1037
- 'wg##.com':80
- 'localhost':1035
- 'www.97##.com':80
- wg##.com/gonggao.txt
- wg##.com/
- www.97##.com/
- wg##.com/banben.txt
- DNS ASK www.wg##.com
- DNS ASK wg##.com
- DNS ASK www.97##.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''