Техническая информация
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %TEMP%\3.tmp
- %WINDIR%\MyIme.dll
- %TEMP%\1.tmp
- %TEMP%\2.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\8880[1]
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\1.tmp
- %TEMP%\2.tmp
- %TEMP%\3.tmp
- 'localhost':1043
- 'zb.###bowang.com':80
- 'tj.##7080.com':80
- 'www.88#0.pw':80
- 'localhost':1041
- '12#.#25.114.144':80
- 12#.#25.114.144/
- zb.###bowang.com/tongjiGateway.php?id#############################################
- tj.##7080.com/Use.html?in###############
- www.88#0.pw/8880.txt
- www.88#0.pw/tj.txt
- www.88#0.pw/
- DNS ASK zb.###bowang.com
- DNS ASK tj.##7080.com
- DNS ASK www.88#0.pw
- DNS ASK www.ba##u.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''