Техническая информация
- '%TEMP%\nsh2.tmp\rt.exe'
- '%TEMP%\RarSFX0\rt_setup.exe'
- '%TEMP%\RarSFX0\Setup.EXE'
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\MSCOMCTL.OCX
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Flash.OCX
- <SYSTEM32>\Flash.OCX
- %TEMP%\nsh2.tmp\rt.exe
- <SYSTEM32>\MSCOMCTL.OCX
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\15[1].swf
- %TEMP%\RarSFX0\Setup.ini
- %TEMP%\RarSFX0\jTemp.dat
- %TEMP%\RarSFX0\gTemp.dat
- %TEMP%\RarSFX0\rarinfo.txt
- %TEMP%\RarSFX0\Setup.ico
- %TEMP%\RarSFX0\Setup.EXE
- %TEMP%\RarSFX0\gTemp.dat в %TEMP%\RarSFX0\rt_setup.exe
- 'do####re.ipower.com':80
- 'localhost':1036
- do####re.ipower.com/zx/rt/15.swf
- DNS ASK do####re.ipower.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'