Техническая информация
- <SYSTEM32>\netstat.exe -an
- <SYSTEM32>\ipconfig.exe /all
- <SYSTEM32>\cmd.exe /c <SYSTEM32>\1075.bat
- <SYSTEM32>\spoolsv.exe
- %WINDIR%\Temp\2003\sysinfo.log
- %WINDIR%\Temp\2003\fsc.tmp
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0J2LM5OP\login_ok[1].php
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0J2LM5OP\wpad[1].dat
- %WINDIR%\Temp\~13785.tmp
- \Device\HarddiskVolume1
- <SYSTEM32>\~00110406.tmp
- <SYSTEM32>\svcsam.dll
- %WINDIR%\Temp\2003\fsc.tmp~
- <SYSTEM32>\1075.bat
- %WINDIR%\Temp\2003\fsc.tmp~
- 'wpad.localdomain':80
- 'gi###ol.zoa.to':80
- 'localhost':1037
- wpad.localdomain/wpad.dat
- gi###ol.zoa.to/gigasol/data/sangsang/login_ok.php?no###################################################################
- DNS ASK wpad.localdomain
- DNS ASK gi###ol.zoa.to