Техническая информация
- <SYSTEM32>\dsound.dll файлом <SYSTEM32>\dsound.dll.dat
- %WINDIR%\regedit.exe /s "<SYSTEM32>\\D3D_2_Opengl.reg"
- <SYSTEM32>\cmd.exe /c """%TEMP%\tempVidio.bat"" "
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\black.she
- <SYSTEM32>\SkinH_EL.dll
- %TEMP%\tempVidio.bat
- <SYSTEM32>\D3D_2_Opengl.reg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\52hln[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\xxzwg[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\wghai[1]
- %TEMP%\kb532337.sve
- %TEMP%\Temp\cmd.exe.exe
- %TEMP%\Temp\CSНЮНЮНёКУ-И«№¦ДЬ±дМ¬ёЁЦъ0708.exe
- %CommonProgramFiles%\System\kb532337.dla
- %HOMEPATH%\Favorites\Нв№ТЧч·»ЧКФґХѕ [42724920.ys168.com].url
- %HOMEPATH%\Favorites\Нв№ТЧч·»№Щ·ЅХѕ [www.zuowg.com].url
- <SYSTEM32>\dsound.dll.dat
- <SYSTEM32>\black.she
- <SYSTEM32>\SkinH_EL.dll
- %CommonProgramFiles%\System\kb532337.dla
- %TEMP%\Temp\cmd.exe.exe
- <SYSTEM32>\dsound.dll в <SYSTEM32>\dsound.dll.YDYN
- 'www.xx##g.com':80
- 'www.52##n.com':80
- 'localhost':1034
- 'www.wg##i.com':80
- www.52##n.com/
- www.xx##g.com/
- www.wg##i.com/?fr#############
- DNS ASK www.52##n.com
- DNS ASK www.xx##g.com
- DNS ASK www.wg##i.com
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''