Техническая информация
- <SYSTEM32>\regsvr32.exe /u /s "%PROGRAM_FILES%\osm\osm.OCX"
- <SYSTEM32>\winlogon.exe
- <SYSTEM32>\regsvr32.exe /s "%PROGRAM_FILES%\osm\osm.OCX"
- <SYSTEM32>\regsvr32.exe /s /u <SYSTEM32>\mscomctl.ocx
- <SYSTEM32>\regsvr32.exe /s "%PROGRAM_FILES%\osm\MSWINSCK.OCX"
- C:\osm.bak
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\osm[1].ini
- <SYSTEM32>\58lianmeng\lockie.ini
- %WINDIR%\system\ad.bak
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ad[1].ini
- %PROGRAM_FILES%\osm\osm.OCX
- %PROGRAM_FILES%\osm\MSWINSCK.OCX
- %WINDIR%\sys.ini
- %PROGRAM_FILES%\user.dat
- C:\osm.ini
- %PROGRAM_FILES%\user.dat
- %TEMP%\~DF3100.tmp
- 'up####.woai310.com':80
- 'localhost':1035
- up####.woai310.com/media/lockie/ad.ini
- up####.woai310.com/media/lockie/osm.ini
- DNS ASK up####.woai310.com