Техническая информация
- '<SYSTEM32>\wscript.exe' "%CommonProgramFiles%\do.vbs"
- '<SYSTEM32>\attrib.exe' +r +h +s ".\doit.vbs"
- '<SYSTEM32>\attrib.exe' +r +h +s ".\start.vbs"
- '<SYSTEM32>\attrib.exe' +r +h +s ".\system.cmd"
- '<SYSTEM32>\attrib.exe' +r +h +s ".\do.vbs"
- '<SYSTEM32>\cmd.exe' /C start /min iexplore http://www.ku###123.com/index2.html?a1
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' http://www.ku###123.com/index2.html?a1
- '<SYSTEM32>\cmd.exe' /C .\system.cmd
- %CommonProgramFiles%\start.vbs
- %CommonProgramFiles%\LABEL.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index2[1].html
- %CommonProgramFiles%\system.cmd
- %CommonProgramFiles%\doit.vbs
- %CommonProgramFiles%\do.vbs
- %CommonProgramFiles%\Internet Explorer.url
- %CommonProgramFiles%\Internet Expl0rer.lnk
- %CommonProgramFiles%\start.vbs
- %CommonProgramFiles%\system.cmd
- %CommonProgramFiles%\do.vbs
- %CommonProgramFiles%\doit.vbs
- 'www.ku###123.com':80
- 'localhost':1036
- http://www.ku###123.com/index2.html?a1
- DNS ASK www.ku###123.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''