Техническая информация
- %PROGRAM_FILES%\WinRAR\Rar.exe e -y -ping %WINDIR%\web\printers\722\ok.rar "%PROGRAM_FILES%\722\" (загружен из сети Интернет) e -y -ping %WINDIR%\web\printers\722\11.rar %WINDIR%\web\printers\722\
- C:\QQРеЧєИлІејю.exe
- C:\±ЈґжИОТвQQХжИЛРг.exe
- <SYSTEM32>\wscript.exe "%PROGRAM_FILES%\rar.vbs" //B
- <SYSTEM32>\wscript.exe "%PROGRAM_FILES%\11.vbs" //B
- <SYSTEM32>\ping.exe www.ba##u.com -n 1
- <SYSTEM32>\ping.exe 127.0.0.1 -n 2
- <SYSTEM32>\cmd.exe /c %WINDIR%\web\printers\722\125.bat
- <SYSTEM32>\taskkill.exe /f /t /im ksafetray.exe
- <SYSTEM32>\cmd.exe /c %WINDIR%\11a.bat
- %PROGRAM_FILES%\WinRAR\Rar.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\rar[1].jpg
- %WINDIR%\11a.bat
- %WINDIR%\Web\printers\722\md5.txt
- %WINDIR%\Web\printers\722\11.rar
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\0cec604660cef929500ffe1a[1].jpg
- %WINDIR%\Web\printers\722\125.bat
- %TEMP%\E_N4\krnln.fnr
- C:\QQРеЧєИлІејю.exe
- C:\±ЈґжИОТвQQХжИЛРг.exe
- %PROGRAM_FILES%\rar.vbs
- %PROGRAM_FILES%\ww.vbs
- %PROGRAM_FILES%\11.vbs
- C:\QQРеЧєИлІејю.exe
- C:\±ЈґжИОТвQQХжИЛРг.exe
- %PROGRAM_FILES%\11.vbs
- %PROGRAM_FILES%\rar.vbs
- 'localhost':1037
- 'hi####os.baidu.com':80
- 'localhost':1035
- 'www.8s##a.cn':80
- hi####os.baidu.com/8sina%C9%E7%C7%F8/pic/item/0cec604660cef929500ffe1a.jpg
- www.8s##a.cn/soft/rar.jpg
- DNS ASK www.ba##u.com
- DNS ASK hi####os.baidu.com
- DNS ASK www.8s##a.cn
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''