Техническая информация
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\pagepage.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\dian.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\xingxing.bat" "
- '<SYSTEM32>\wscript.exe' "%TEMP%\bbtbb.vbs"
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://www.xs##.info/index/index7.htm
- %TEMP%\pagepage.bat
- %TEMP%\dian.bat
- %TEMP%\bbtbb.vbs
- %TEMP%\xingxing.bat
- '98.##6.249.6':81
- '22#.#17.240.30':80
- 'localhost':1040
- 'localhost':1036
- 'localhost':1038
- 22#.#17.240.30/soft/uaua4397.exe
- DNS ASK www.19##7.info
- DNS ASK www.19##6.info
- DNS ASK www.19##5.info
- DNS ASK www.xs##.info
- DNS ASK p3.#####.####u.google.baidu.com.baidu163so.info
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'CabinetWClass' WindowName: '(null)'
- ClassName: 'IEFrame' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'