Техническая информация
- '<SYSTEM32>\wxpSetup202.exe'
- '%WINDIR%\ad3248.exe'
- '%TEMP%\soft202.exe'
- '<SYSTEM32>\wxpSetup202.exe' (загружен из сети Интернет)
- '<SYSTEM32>\cmd.exe' /c %TEMP%\$$336699.bat
- '<SYSTEM32>\regsvr32.exe' /s "%CommonProgramFiles%\CPUSH\cpush.dll"
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\wxpSetup202[1].txt
- %CommonProgramFiles%\CPUSH\cpush.dll
- %TEMP%\$$336699.bat
- <SYSTEM32>\wxpSetup202.txt
- %CommonProgramFiles%\CPUSH\Uninst.exe
- %TEMP%\soft202.exe
- %TEMP%\nsb2.tmp
- %TEMP%\nsd4.tmp
- %WINDIR%\ad3248.exe
- %TEMP%\soft202.exe
- <SYSTEM32>\wxpSetup202.txt в <SYSTEM32>\wxpSetup202.exe
- 'ww##.clalexa.cn':80
- 'localhost':1037
- ww##.clalexa.cn/download/wxpSetup202.txt
- DNS ASK ww##.clalexa.cn