Техническая информация
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://www.da##34.com/index2.html?yi##########
- '<SYSTEM32>\wscript.exe' "%PROGRAM_FILES%\Kingsoft\myfile\file.vbs"
- %PROGRAM_FILES%\Kingsoft\myfile\fav\fav.vbs
- %PROGRAM_FILES%\Kingsoft\myfile\fav\tao2.ico
- %PROGRAM_FILES%\Kingsoft\myfile\se.vbs
- %PROGRAM_FILES%\Kingsoft\myfile\fav\fav.lnk
- %PROGRAM_FILES%\Kingsoft\myfile\fav\淘宝购物.url
- %PROGRAM_FILES%\Kingsoft\myfile\fav\tao.ico
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index2[1].html
- %PROGRAM_FILES%\Kingsoft\myfile\fav\网址导航.url
- %PROGRAM_FILES%\Kingsoft\myfile\fav\软件下载.url
- %PROGRAM_FILES%\Kingsoft\myfile\Microsoft\bot.vbs
- %PROGRAM_FILES%\Kingsoft\myfile\36O安全浏览器 3.lnk
- %PROGRAM_FILES%\Kingsoft\myfile\starts.vbs
- %PROGRAM_FILES%\Kingsoft\myfile\tools.lnk
- %PROGRAM_FILES%\Kingsoft\myfile\36O安全浏览器 3.lnk
- %PROGRAM_FILES%\Kingsoft\myfile\open.vbs
- %PROGRAM_FILES%\Kingsoft\myfile\se1.vbs
- %PROGRAM_FILES%\Kingsoft\myfile\file.vbs
- %PROGRAM_FILES%\Kingsoft\myfile\Internet Expl0rer.lnk
- 'www.da##34.com':80
- 'localhost':1036
- www.da##34.com/index2.html?yi##########
- DNS ASK www.da##34.com
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'