Техническая информация
- '<SYSTEM32>\msg.exe' %USERNAME% /time:20 ╥╤│╔╣ж╞╞╜т╡─═°╒╛ 2.http://jx###s2:8080/login.jsp
- '<SYSTEM32>\msg.exe' %USERNAME% /time:20 ╥╤│╔╣ж╞╞╜т╡─═°╒╛ 3.http://jx##ta:8080/login.jsp !
- '<SYSTEM32>\msg.exe' %USERNAME% /time:20 [╣з╧▓─·!┴┘┤и╥╞╢п╗¤╖╓╧╡═│╝░╨┬╧╡═│╞╞╜т│╔╣ж!--By:www.pe##3y.tk 2011.5.30]
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\БЩґЁТЖ¶ЇЅшІ»ИҐ»э·ЦПµНіЖЖЅвІ№¶Ў.bat" "
- '<SYSTEM32>\attrib.exe' -H -R <DRIVERS>\etc\hosts
- '<SYSTEM32>\msg.exe' %USERNAME% /time:20 ╥╤│╔╣ж╞╞╜т╡─═°╒╛ 1.http://jx##ss:8080/login.jsp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\peng3y[1]
- %TEMP%\1.tmp\БЩґЁТЖ¶ЇЅшІ»ИҐ»э·ЦПµНіЖЖЅвІ№¶Ў.bat
- %TEMP%\1.tmp\БЩґЁТЖ¶ЇЅшІ»ИҐ»э·ЦПµНіЖЖЅвІ№¶Ў.bat
- <DRIVERS>\etc\hosts
- 'www.pe##3y.tk':80
- 'localhost':1036
- www.pe##3y.tk/
- DNS ASK www.pe##3y.tk
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'IEFrame' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'