Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\Microsoft Office.lnk
- '%PROGRAM_FILES%\YAH00\messenger.exe'
- '%WINDIR%\Temp\d11hst3g.exe'
- '<SYSTEM32>\cmd.exe' /c ""<SYSTEM32>\hfblddel.bat" "
- %PROGRAM_FILES%\YAH00\win_.ini
- %PROGRAM_FILES%\YAH00\messenger.exe
- <Текущая директория>\tmp.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\114la[1]
- %PROGRAM_FILES%\YAH00\messenger.dll
- <Текущая директория>\SAIFUL KEMBARAN C FUNGSI BARU BPAA.doc
- %WINDIR%\Temp\SAIFUL KEMBARAN C FUNGSI BARU BPAA.doc
- <SYSTEM32>\hfblddel.bat
- %WINDIR%\Temp\d11hst3g.exe
- 'www.11##a.com':80
- 'localhost':1035
- www.11##a.com/
- DNS ASK www.11##a.com
- ClassName: 'WordPadClass' WindowName: '(null)'