Техническая информация
- <SYSTEM32>\cmd.exe /c ""%TEMP%\t.bat" "
- <SYSTEM32>\runonce.exe -r
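Идентификаторы окон (ClassName / WindowName), в том числе средств анализа: Sysinternals Process Monitor, Registry Monitor, File Monitor и отладчика OllyDbg. Подзаголовок раздела в этом фрагменте утрачен; по-видимому, это окна, наличие которых проверяется:
- ClassName: '' WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'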
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: ''
- ClassName: '' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass' WindowName: ''
- ClassName: '' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'GBDYLLO' WindowName: ''
- ClassName: 'OLLYDBG' WindowName: ''
- ClassName: 'FilemonClass' WindowName: ''
- ClassName: 'pediy06' WindowName: ''
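Пути файлов. Вид операции (создание, изменение или удаление) в этом фрагменте не указан; повторяющиеся ниже записи, вероятно, относятся к отдельному подсписку, заголовок которого утрачен:
- %WINDIR%\inf\oem4.inf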
- %PROGRAM_FILES%\MSDN\atixi.inf
- <DRIVERS>\SET3.tmp
- %TEMP%\t.bat
- <DRIVERS>\SET6.tmp
- %WINDIR%\inf\oem4.PNF
- %WINDIR%\inf\oem3.PNF
- %PROGRAM_FILES%\MSDN\atixx.inf
- %PROGRAM_FILES%\MSDN\000000000
- %PROGRAM_FILES%\MSDN\atixx.sys
- %WINDIR%\inf\oem3.inf
- %PROGRAM_FILES%\MSDN\000000001
- %PROGRAM_FILES%\MSDN\atixi.sys
- %PROGRAM_FILES%\MSDN\atixi.sys
- %PROGRAM_FILES%\MSDN\atixx.inf
- %PROGRAM_FILES%\MSDN\atixx.sys
- %PROGRAM_FILES%\MSDN\000000001
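Сетевые индикаторы (узел и порт, DNS-запрос). Доменное имя в источнике, по-видимому, частично замаскировано символами ##, поэтому использовать его как индикатор в таком виде нельзя:
- 'ad.##odcom.com':8881
- DNS ASK ad.##odcom.com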
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '18467-41' WindowName: ''