Техническая информация
- <SYSTEM32>\wscript.exe "%PROGRAM_FILES%\soft175802\b_1702.vbs"
- <SYSTEM32>\cmd.exe /c ""%PROGRAM_FILES%\soft175802\300.bat" "
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://ta##rl.com/i0dpw
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://www.17##g.com/lianjie/10608.htm
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\ Intornot Exploror .lnk
- %ALLUSERSPROFILE%\Desktop\ Intornot Exploror .lnk
- %PROGRAM_FILES%\soft175802\a
- %PROGRAM_FILES%\soft175802\0220110205020200580217020202.txt
- %PROGRAM_FILES%\soft175802\B_0220110205020200580217020202.txt
- %PROGRAM_FILES%\jishu_175802\FlashIcon.ico
- %TEMP%\nsk2.tmp\FindProcDLL.dll
- %PROGRAM_FILES%\jishu_175802\dailytips.ini
- %PROGRAM_FILES%\jishu_175802\newnew.ini
- %PROGRAM_FILES%\jishu_175802\newnew.exe
- %PROGRAM_FILES%\jishu_175802\jishu_175802.ini
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\ Intornot Exploror .lnk
- 'localhost':1037
- DNS ASK ta##rl.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''