Техническая информация
- [<HKLM>\SOFTWARE\Classes\CLSID\{26AEFBE8-063F-0657-829C-A93078890D80}\Shell\Open\Command] '' = '<SYSTEM32>\wwwwwww.exe %w%w%w.08%184%19.%c%o%m'
- <SYSTEM32>\attrib.exe -r "%ALLUSERSPROFILE%\б╕┐к╩╝б╣▓╦╡е\*.*"
- <SYSTEM32>\attrib.exe -r "%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.*"
- %WINDIR%\regedit.exe /s "%TEMP%\deos.ime"
- <SYSTEM32>\cmd.exe /c "%TEMP%\$$dmsf.bat"
- <SYSTEM32>\attrib.exe +r "%APPDATA%\Microsoft\Internet Explorer\Quick Launch\╧╘╩╛╫└├ц.scf"
- %WINDIR%\regedit.exe /s "%TEMP%\hhhhhhh.ime"
- <SYSTEM32>\attrib.exe -r "%HOMEPATH%\Start Menu\*.*"
- <SYSTEM32>\cmd.exe /c "%TEMP%\$$dss.bat"
- <SYSTEM32>\cmd.exe /c "%TEMP%\$$edbs.bat"
- <SYSTEM32>\cmd.exe /c "%TEMP%\$$cdi.bat"
- <SYSTEM32>\cmd.exe /c "%TEMP%\$$delos.bat"
- <SYSTEM32>\cmd.exe /c "%TEMP%\$$cqi.bat"
- %TEMP%\hhhhhhh.ime
- %TEMP%\$$delos.bat
- %TEMP%\deos.ime
- %TEMP%\$$dmsf.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\002[1].htm
- %TEMP%\$$cdi.bat
- %TEMP%\$$dss.bat
- %TEMP%\НшЦ·Ц®јТ.url
- %TEMP%\$$edbs.bat
- %TEMP%\$$cqi.bat
- %TEMP%\wwwwwww.Lnk
- <SYSTEM32>\wwwwwww.exe
- %TEMP%\hhhhhhh.ime
- 'www.tt##r.com':80
- 'localhost':1035
- www.tt##r.com/ietj/002.htm
- DNS ASK www.tt##r.com
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''