Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'OneDayOn Client' = '%PROGRAM_FILES%\OneDayon Application\OneDayOn.exe'
- %PROGRAM_FILES%\OneDayon Application\InsCnt.exe 4
- <SYSTEM32>\cmd.exe /c \DelUS.bat
- %TEMP%\nsd2.tmp\SelfDelete.dll
- %PROGRAM_FILES%\OneDayon Application\Uninstall.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\version4[1]
- C:\DelUS.bat
- %PROGRAM_FILES%\OneDayon Application\OneDayOn_Client.exe
- %PROGRAM_FILES%\OneDayon Application\OneDayOn.exe
- %PROGRAM_FILES%\OneDayon Application\onday.swf
- %PROGRAM_FILES%\OneDayon Application\InsCnt.exe
- %TEMP%\nsd2.tmp\SelfDelete.dll
- 'www.on###yon.com':80
- www.on###yon.com/ver/version4
- www.on###yon.com/log/install.php?ma############################
- DNS ASK www.on###yon.com