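Техническая информация
(Заголовки подразделов отчёта на этой странице не сохранились. Ниже по порядку идут: командные строки, пути к файлам, сетевые адреса и запросы, параметры окна.)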
- '%CommonProgramFiles%\OSE2.EXE'
- '%CommonProgramFiles%\OSE2.EXE' (загружен из сети Интернет)
- '%WINDIR%\regedit.exe' /s C:\Msreg4.reg
- '<SYSTEM32>\cmd.exe' /c C:\Qser.bat
- '%WINDIR%\regedit.exe' /s C:\Msreg3.reg
- '%WINDIR%\regedit.exe' /s C:\Msreg1.reg
- '%WINDIR%\regedit.exe' /s C:\Msreg2.reg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\logo-yy[1].gif
- %CommonProgramFiles%\msthani.exe
- %CommonProgramFiles%\devmgmt.exe
- %CommonProgramFiles%\OSE2.EXE
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\new[1].exe
- %CommonProgramFiles%\who.gif
- C:\Msreg3.reg
- C:\Msreg2.reg
- C:\Msreg1.reg
- C:\Qser.bat
- C:\Qser.Inf
- C:\Msreg4.reg
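(Все пути в следующем списке уже перечислены выше; по этой странице нельзя определить, к какой файловой операции относится каждый из двух списков.)
- C:\Qser.Inf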
- C:\Qser.bat
- %CommonProgramFiles%\who.gif
- C:\Msreg4.reg
- C:\Msreg1.reg
- C:\Msreg2.reg
- C:\Msreg3.reg
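(Символы # в доменных именах и IP-адресе ниже присутствуют в самом источнике: индикаторы приведены не полностью и для точного сопоставления непригодны.)
- 'www.ji####ida.com.cn':80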
- '12#.#25.114.144':80
- www.ji####ida.com.cn/new.exe
- 12#.#25.114.144/img/logo-yy.gif
- DNS ASK www.ji####ida.com.cn
- DNS ASK www.ba##u.com
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'