Техническая информация
- %TEMP%\bangnitao.exe
- %TEMP%\18454\11930\11062\21401130859\ywsinid.files\yywz
- %TEMP%\18454\11930\11062\21401130859\ywsinid.files\bookset.ini
- %TEMP%\18454\11930\11062\21401130859\ywsinid.files\softpzinifile.ini
- %HOMEPATH%\Desktop\bangnitao.exe.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\btweb[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\wbk4.tmp
- %TEMP%\18454\11930\11062\21401130859\htmtmp1.mht
- %TEMP%\18454\11930\11062\21401130859\ywsinid
- %TEMP%\nsp2.tmp\inetc.dll
- %TEMP%\nsp2.tmp\System.dll
- %TEMP%\bangnitao.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\9[1].php
- %APPDATA%\YYebookset\opfilejlA
- %TEMP%\yytmp1\ywsfiletmp.tmp
- %TEMP%\nsp2.tmp\configuration.ini
- %APPDATA%\YYebookset\opfilejlA
- %TEMP%\nsp2.tmp\inetc.dll
- %TEMP%\nsp2.tmp\System.dll
- %TEMP%\nsp2.tmp\configuration.ini
- %TEMP%\yytmp1\ywsfiletmp.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\btweb[1].asp
- 'www.yy##ook.com':80
- 'localhost':1037
- 'www.pp##.com':80
- www.yy##ook.com/btweb/btweb.asp?jq####################################################################################################################
- www.pp##.com/9.php?sa###
- DNS ASK www.yy##ook.com
- DNS ASK www.pp##.net
- DNS ASK www.pp##.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '%TEMP%\bangnitao.exe' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''