Техническая информация
- '%CommonProgramFiles%\hdaoc.exe'
- '%CommonProgramFiles%\hdaoc.exe' (загружен из сети Интернет)
- '<SYSTEM32>\cmd.exe' /c %CommonProgramFiles%\suoyouxins.bat
- %CommonProgramFiles%\ppna.txt
- %CommonProgramFiles%\done.txt
- %CommonProgramFiles%\suoyouxins.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\oRun[1].exe
- %CommonProgramFiles%\czyi.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\count[1].asp
- %CommonProgramFiles%\czyi.txt в %CommonProgramFiles%\hdaoc.exe
- 'x2.##odaita.com':80
- 'pd.##tanlm.cn':80
- 'localhost':1035
- x2.##odaita.com/count.asp?id###########################
- pd.##tanlm.cn/x0606/game032/oRun.exe
- DNS ASK x2.##odaita.com
- DNS ASK pd.##tanlm.cn