Техническая информация
- %TEMP%\RarSFX0\.175cs.exe
- %TEMP%\RarSFX0\175cs.exe
- <SYSTEM32>\wbem\wmiadap.exe /R /T
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://www.17##s.cn/
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\175cs[1]
- <SYSTEM32>\wbem\Performance\WmiApRpl_new.ini
- %PROGRAM_FILES%\ЛЅ·юРЎ№ЬјТ\ЛЅ·юРЎ№ЬјТ.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\mir[1].dat
- %TEMP%\RarSFX0\175cs.exe
- %TEMP%\RarSFX0\.175cs.dll
- %TEMP%\RarSFX0\.175cs.exe
- %TEMP%\RarSFX0\17cs.exe
- %TEMP%\RarSFX0\.175cs.exe
- <SYSTEM32>\wbem\Performance\WmiApRpl_new.h в <SYSTEM32>\wbem\Performance\WmiApRpl.h
- 'localhost':1038
- 'www.sf##j.com':80
- 'localhost':1035
- 'www.17##s.cn':80
- www.sf##j.com/go/mir.dat
- www.17##s.cn/
- DNS ASK www.sf##j.com
- DNS ASK www.17##s.cn
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''