Техническая информация
- %WINDIR%\Temp\wwwfkszcom.exe
- %WINDIR%\Temp\hintsafe.exe
- <SYSTEM32>\regsvr32.exe /s "%TEMP%\~DFA2799.tmp"
- <SYSTEM32>\regsvr32.exe /s "%TEMP%\~DFA6537.tmp"
- <SYSTEM32>\regsvr32.exe /s "<SYSTEM32>\mswinsck.ocx"
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\file[1].txt
- %TEMP%\1b9d7.tmp
- %TEMP%\1ad24.tmp
- %TEMP%\1275.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\wwwfkszcom[1].ini
- %TEMP%\DFA9442.tmp
- %TEMP%\~DFA6537.tmp
- %WINDIR%\Temp\wwwfkszcom.exe
- %WINDIR%\Temp\hintsafe.exe
- <SYSTEM32>\mswinsck.ocx
- %WINDIR%\sys.dat
- %TEMP%\19dc1.tmp
- %TEMP%\1b9d7.tmp
- %TEMP%\1275.dat
- %TEMP%\19dc1.tmp
- %TEMP%\1ad24.tmp
- 'www.pc##8.net':80
- 'us##.yswm.net':80
- 'localhost':1037
- 'do####i590.3322.org':80
- do####i590.3322.org/2.txt
- us##.yswm.net/yswm/wwwfkszcom.ini
- do####i590.3322.org/1.txt
- www.pc##8.net/file.txt
- DNS ASK us##.yswm.net
- DNS ASK www.pc##8.net
- DNS ASK do####i590.3322.org