Техническая информация
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2017-05-11 04-10-03 343.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2017-05-11 04-10-02 968.bat" "
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Default_Page_URL" /t reg_sz /d http://www.xi##o.net /f
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2017-05-11 04-10-03 718.bat" "
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t reg_sz /d http://www.xi##o.net /f
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\РЮёґIE.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2017-05-11 04-10-02 328.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2017-05-11 04-10-02 125.bat" "
- %TEMP%\2017-05-11 04-10-02 968.bat
- %TEMP%\2017-05-11 04-10-03 343.bat
- %HOMEPATH%\Desktop\╧╔╙Є.URL
- %TEMP%\2017-05-11 04-10-02 125.bat
- %TEMP%\2017-05-11 04-10-02 328.bat
- %HOMEPATH%\Desktop\╠╘▒ж═°.url
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Exp1orer.URL
- %HOMEPATH%\Desktop\╔╧═°╡╝║╜.url
- %TEMP%\2017-05-11 04-10-03 718.bat
- %HOMEPATH%\Desktop\Internet Exp1orer.URL
- %ProgramFiles%\РЎУОП·\taobao.ico
- %ProgramFiles%\РЎУОП·\baidu.ico
- %ProgramFiles%\РЎУОП·\РЎУОП·.exe
- %TEMP%\РЮёґIE.bat
- %ProgramFiles%\РЎУОП·\РЎУОП·tmp.exe
- %HOMEPATH%\Favorites\МФ±¦Нш.url
- %HOMEPATH%\Favorites\ПЙУт.url
- %HOMEPATH%\Favorites\µ±µ±Нш.url
- %ProgramFiles%\РЎУОП·\dangdangwang.ico
- %ProgramFiles%\РЎУОП·\xianyu.ico
- 'so#.5k5.net':80
- http://so#.5k5.net/interface?ac###################################################
- DNS ASK so#.5k5.net