Техническая информация
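Запускаемые команды (заголовок раздела при извлечении текста утрачен):
- <SYSTEM32>\cmd.exe /c %WINDIR%\system\todeletetif.bat
- <SYSTEM32>\ping.exe 127.1 -n 30
- <SYSTEM32>\wscript.exe "%WINDIR%\toshell.vbs"
- <SYSTEM32>\cmd.exe /c %WINDIR%\705.5475.bat
- <SYSTEM32>\taskkill.exe /f /im Rstray.exe
- <SYSTEM32>\taskkill.exe /f /im 360tray.exe
Примечание: taskkill /f /im принудительно завершает Rstray.exe и 360tray.exe — судя по именам, это процессы антивирусных продуктов (Rising, 360), то есть образец пытается отключить защиту. ping 127.1 -n 30, вероятно, служит паузой около 30 секунд между шагами. Для обнаружения полезно отслеживать запуск taskkill.exe с именами защитных процессов и запуск wscript.exe/cmd.exe со сценариями из %WINDIR%.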
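Изменения в файловой системе (создаваемые и удаляемые файлы; подзаголовки при извлечении текста утрачены, поэтому часть путей ниже повторяется):
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\97ZO1B0A\desktop.ini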
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\6NSX0LO9\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\01234567\download2[1].exe
- %WINDIR%\toshell.vbs
- %WINDIR%\toshell.bat
- %TEMP%\todownload.html
- %WINDIR%\705.5475.bat
- %WINDIR%\system\todeletetif.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\N0XS9XGT\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\01234567\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\6NSX0LO9\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\97ZO1B0A\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\01234567\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\N0XS9XGT\desktop.ini
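Сетевая активность (домен частично скрыт символами #### в исходном описании):
- 'do####adpoint.cn':80
- 'localhost':1036
- do####adpoint.cn/download2.exe
- DNS ASK do####adpoint.cn
Примечание: запрос download2.exe согласуется с файлом download2[1].exe в кэше Temporary Internet Files из списка выше, то есть образец, по-видимому, загружает дополнительный исполняемый файл по HTTP.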
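Окна, с которыми взаимодействует образец (вероятно, поиск по ClassName/WindowName; заголовок раздела утрачен):
- ClassName: 'MS_WebcheckMonitor' WindowName: ''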
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''