Техническая информация
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2016-09-22 19-35-08 921.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2016-09-22 19-35-08 234.bat" "
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Default_Page_URL" /t reg_sz /d http://www.xi##o.net /f
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2016-09-22 19-35-09 406.bat" "
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t reg_sz /d http://www.xi##o.net /f
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\РЮёґIE.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2016-09-22 19-35-07 062.bat" "
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2016-09-22 19-35-05 562.bat" "
- %TEMP%\2016-09-22 19-35-08 234.bat
- %TEMP%\2016-09-22 19-35-08 921.bat
- %TEMP%\2016-09-22 19-35-07 062.bat
- %HOMEPATH%\Desktop\╠╘▒ж╡╝╣║.URL
- %TEMP%\2016-09-22 19-35-09 406.bat
- %HOMEPATH%\Desktop\╠╘▒ж═°.url
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Exp1orer.URL
- %HOMEPATH%\Desktop\Internet Exp1orer.URL
- %HOMEPATH%\Desktop\╔╧═°╡╝║╜.url
- %ProgramFiles%\РЎУОП·\РЎУОП·.exe
- %ProgramFiles%\РЎУОП·\taobao.ico
- %TEMP%\РЮёґIE.bat
- %ProgramFiles%\РЎУОП·\РЎУОП·tmp.exe
- %ProgramFiles%\РЎУОП·\baidu.ico
- %HOMEPATH%\Favorites\МФ±¦µј№є.url
- %TEMP%\2016-09-22 19-35-05 562.bat
- %ProgramFiles%\РЎУОП·\xianyu.ico
- %HOMEPATH%\Favorites\МФ±¦Нш.url
- 'so#.5k5.net':80
- http://so#.5k5.net/interface?ac##################################################
- DNS ASK so#.5k5.net