Техническая информация
- скрытых файлов
- расширений файлов
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://tj.######ode.meibu.com.com:8080/alltj.html?36#
- <SYSTEM32>\wscript.exe "%TEMP%\main.vbs"
- %TEMP%\uninst.exe
- %TEMP%\temp.ini
- %TEMP%\nsg3.tmp\System.dll
- %TEMP%\nsd8.tmp
- %TEMP%\~nsu.tmp\Au_.exe
- %TEMP%\nsq6.tmp
- %TEMP%\nsg3.tmp\InetLoad.dll
- %PROGRAM_FILES%\Internet Explorer\ie.amico
- %TEMP%\nsz2.tmp
- %TEMP%\nsg3.tmp\KillProcDLL.dll
- %TEMP%\nsg3.tmp\ns4.tmp
- %TEMP%\nsg3.tmp\nsExec.dll
- %TEMP%\nsg3.tmp\System.dll
- %TEMP%\uninst.exe
- %TEMP%\temp.ini
- %TEMP%\nsg3.tmp\nsExec.dll
- %TEMP%\nsg3.tmp\ns4.tmp
- %TEMP%\nsg3.tmp\InetLoad.dll
- %TEMP%\nsg3.tmp\KillProcDLL.dll
- 'tj.#####code.meibu.com.com':8080
- 'localhost':1039
- 'do##.###d-code.meibu.com':8080
- DNS ASK tj.#####code.meibu.com.com
- DNS ASK do##.###d-code.meibu.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''