Техническая информация
- "%CommonProgramFiles%\yuieie.exe" (загружен из сети Интернет)
- <SYSTEM32>\cmd.exe /c "%CommonProgramFiles%\suoyouxins.bat"
- %CommonProgramFiles%\ppna.txt
- %CommonProgramFiles%\done.txt
- %CommonProgramFiles%\suoyouxins.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\oRun[1].exe
- %CommonProgramFiles%\haoyru.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\count[1].asp
- 'x2.##odaita.com':80
- 'pd.##tanlm.cn':80
- 'localhost':1037
- x2.##odaita.com/count.asp?id###########################
- pd.##tanlm.cn/x0606/game032/oRun.exe
- DNS ASK x2.##odaita.com
- DNS ASK pd.##tanlm.cn