Техническая информация
- '%PROGRAM_FILES%\kuping_s_24776.exe'
- '%PROGRAM_FILES%\PPTV(pplive)_jinshan_440.exe'
- '%PROGRAM_FILES%\КэЧЦЗ©ГыїЛВЎ.exe'
- '%PROGRAM_FILES%\KAVSETUPS_66_1480.exe'
- '%PROGRAM_FILES%\PPTV(pplive)_jinshan_440.exe' (загружен из сети Интернет)
- '%PROGRAM_FILES%\KAVSETUPS_66_1480.exe' (загружен из сети Интернет)
- '%PROGRAM_FILES%\kuping_s_24776.exe' (загружен из сети Интернет)
- %PROGRAM_FILES%\kuping_s_24776.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\jump[1].php
- %PROGRAM_FILES%\PPTV(pplive)_jinshan_440.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\jump[1].php
- %PROGRAM_FILES%\KAVSETUPS_66_1480.exe
- %PROGRAM_FILES%\КэЧЦЗ©ГыїЛВЎ.exe
- %TEMP%\nst2.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\jump[1].php
- %TEMP%\nsb3.tmp\msd.dll
- %TEMP%\nsb3.tmp\msd.dll
- 'j.#####.ijinshan.com':80
- j.#####.ijinshan.com/jump.php?u_##########
- j.#####.ijinshan.com/jump.php?u_########
- DNS ASK j.#####.ijinshan.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '#32770' WindowName: '(null)'