Техническая информация
- '<SYSTEM32>\cmd.exe' /c ""<SYSTEM32>\bbb.bat" "
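- '<SYSTEM32>\regsvr32.exe' safemon.dll /s (в команде указано имя safemon.dll, тогда как в перечне файлов ниже значится safemom.dll; при поиске стоит учитывать оба написания)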
- '<SYSTEM32>\cmd.exe' /c ""<SYSTEM32>\aaa.bat" "
- '<SYSTEM32>\regsvr32.exe' cdmodemm.dll /s
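- %HOMEPATH%\Favorites\µ±µ±Нш.url (имя показано в неверной кодировке: по-видимому, это байты GBK, прочитанные как Windows-1251; в таком случае «µ±µ±Нш» соответствует «当当网», «МФ±¦Нш» — «淘宝网», «РЎУОП·» — «小游戏»; на системах с китайской локалью пути следует искать в этом виде)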
- %HOMEPATH%\Favorites\МФ±¦Нш.url
- %ProgramFiles%\РЎУОП·\baidu.ico
- %ProgramFiles%\РЎУОП·\dangdangwang.ico
- %HOMEPATH%\Desktop\µ±µ±Нш.url
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Exploer.Lnk
- %HOMEPATH%\Desktop\??OII·.Lnk (имя искажено с потерей символов и по этой записи однозначно не восстанавливается)
- %HOMEPATH%\Desktop\МФ±¦Нш.url
- %HOMEPATH%\Desktop\Internet Exploer.Lnk
- <SYSTEM32>\cdmodemm.dllzip
- <SYSTEM32>\cdmodemm.dll
- %ProgramFiles%\РЎУОП·\РЎУОП·tmp.exe
- %ProgramFiles%\РЎУОП·\РЎУОП·.exe
- <SYSTEM32>\aaa.bat
- <SYSTEM32>\bbb.bat
- %ProgramFiles%\РЎУОП·\taobao.ico
- <SYSTEM32>\safemom.dllzip
- <SYSTEM32>\safemom.dll
- 'so#.5k5.net':80
- http://so#.5k5.net/interface?ac##################################################
- DNS ASK so#.5k5.net