Техническая информация
- '%ProgramFiles%\Microsoft\exp1orer.exe' (в имени файла цифра «1» вместо буквы «l» — по-видимому, имитация системного explorer.exe)
- '%ProgramFiles%\QQ\360try.exe' <Полный путь к вирусу>
- '<SYSTEM32>\taskkill.exe' /f /im 360try.exe
- '<SYSTEM32>\taskkill.exe' /f /im exp1orer.exe
- '<SYSTEM32>\cmd.exe' /C taskkill /f /im 360try.exe
- '<SYSTEM32>\cmd.exe' /C taskkill /f /im exp1orer.exe
- %ProgramFiles%\QQ\Config.ini
- %ProgramFiles%\Microsoft\exp1orer.exe
- %ProgramFiles%\QQ\360try.exe
- 'ab##d.com':80
- 'www.ip##8.com':80
- 'xi###.baiduwho.com':557
- http://ab##d.com/ip.asp
- http://www.ip##8.com/ips.asp
- http://www.ip##8.com/ip2city.asp?jd###########
- DNS ASK ab##d.com
- DNS ASK www.ip##8.com
- DNS ASK xi###.baiduwho.com
- ClassName: '' WindowName: '%ALLUSERSPROFILE%\????????????\????\????'
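- ClassName: '' WindowName: '%ALLUSERSPROFILE%\「开始」菜单\程序\启动' (строка в кодировке GBK, ошибочно показанная как CP1251: 'ЎёїЄКјЎ№ІЛµҐ\іМРт\Жф¶Ї'; в китайской версии Windows это папка «Главное меню\Программы\Автозагрузка»)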
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: '????'
- ClassName: '' WindowName: '启动' (строка в кодировке GBK, ошибочно показанная как CP1251: 'Жф¶Ї'; «Автозагрузка»)