Техническая информация
- '%PROGRAM_FILES%\Outlook Express\test.exe'
- '<SYSTEM32>\cmd.exe' /c ""<Текущая директория>\~170500.bat" "
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\rundll32.exe' "%PROGRAM_FILES%\Outlook Express\MMProtect.dll" start_run
- '<SYSTEM32>\rundll32.exe' "%PROGRAM_FILES%\Outlook Express\FileManage.dll" start
- '<SYSTEM32>\cmd.exe' /c %TEMP%\~120abcd.bat
- <Текущая директория>\~v2010.tmp
- %PROGRAM_FILES%\Outlook Express\test.exe
- %PROGRAM_FILES%\Outlook Express\allfile.txt
- <Текущая директория>\~170500.bat
- %TEMP%\~120abcd.bat
- %PROGRAM_FILES%\Outlook Express\MMProtect.dll
- %PROGRAM_FILES%\Outlook Express\FileManage.dll
- %TEMP%\~120abcd.reg
- %PROGRAM_FILES%\Outlook Express\config.ini
- '<IP-адрес в локальной сети>':8888
- ClassName: 'Shell_TrayWnd' WindowName: ''