Техническая информация
- '<SYSTEM32>\cmd.exe' /c del <Полный путь к файлу> > nul
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' http://ne##.sogou.com/?p=####################################
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' http://www.cn####wo.com:8800/888/1.asp
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\news.sogou[1]
- 'ne##.sogou.com':80
- 'www.cn###two.com':8800
- 'localhost':1037
- 'localhost':1038
- http://ne##.sogou.com/?p=####################################
- DNS ASK www.cn###two.com
- DNS ASK ne##.sogou.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''