Техническая информация
- <SYSTEM32>\regsvr32.exe /s "%PROGRAM_FILES%\osm\MSWINSCK.OCX"
- <SYSTEM32>\regsvr32.exe /s /u <SYSTEM32>\mscomctl.ocx
- <SYSTEM32>\regsvr32.exe /u /s "%PROGRAM_FILES%\osm\osm.OCX"
- <SYSTEM32>\regsvr32.exe /s "%PROGRAM_FILES%\osm\osm.OCX"
- <SYSTEM32>\regini.exe %WINDIR%\sys.ini
- <SYSTEM32>\regsvr32.exe /s <SYSTEM32>\DLLProject.dll
- <SYSTEM32>\rundll32.exe <SYSTEM32>\startlock.dll,osm
- <SYSTEM32>\winlogon.exe
- <SYSTEM32>\rundll32.exe <SYSTEM32>\mydll.dll,osm
- <SYSTEM32>\winlogon.exe
- %PROGRAM_FILES%\user.dat
- <SYSTEM32>\58lianmeng\lockie.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\osm[1].ini
- %WINDIR%\system\ad.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ad[1].ini
- C:\osm.ini
- %WINDIR%\sys.ini
- <SYSTEM32>\lockie.ini
- <SYSTEM32>\MyDll.dll
- <SYSTEM32>\DLLProject.dll
- <SYSTEM32>\startlock.dll
- %PROGRAM_FILES%\osm\osm.OCX
- %PROGRAM_FILES%\osm\MSWINSCK.OCX
- <SYSTEM32>\SPy.ime
- 'up####.woai310.com':80
- 'localhost':1036
- up####.woai310.com/media/lockie/ad.ini
- up####.woai310.com/media/lockie/osm.ini
- DNS ASK up####.woai310.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''