Техническая информация
- Adware.Dowgin.3.origin
- UDP(DNS) <Google DNS>
- TCP(HTTP/1.1) c####.baidust####.com:80
- TCP(HTTP/1.1) zi.si.07####.cn:80
- TCP(HTTP/1.1) t####.sogo####.com.####.com:80
- TCP(HTTP/1.1) cf55####.got####.com:80
- TCP(HTTP/1.1) hm.b####.com:80
- TCP(HTTP/1.1) c.c####.com:80
- TCP(HTTP/1.1) pco####.ta####.com:80
- TCP(HTTP/1.1) i####.s####.com:80
- TCP(HTTP/1.1) z.c####.com:80
- TCP(HTTP/1.1) im####.s####.com.####.com:80
- TCP(HTTP/1.1) wn.pos.b####.com:80
- TCP(HTTP/1.1) pos.b####.com:80
- TCP(HTTP/1.1) ec####.b####.com:80
- TCP(HTTP/1.1) gm.mm####.com:80
- TCP(HTTP/1.1) p.i####.s####.com:80
- TCP(HTTP/1.1) zd.sd.07####.####.net:80
- TCP(TLS/1.0) 1####.217.19.206:443
- TCP(TLS/1.0) dup.baidust####.com:443
- TCP(TLS/1.0) c####.baidust####.com:443
- TCP(TLS/1.0) ec####.b####.com:443
- TCP(TLS/1.0) h####.b####.com.####.com:443
- TCP(TLS/1.0) pos.b####.com:443
- c####.baidust####.com
- c####.baidust####.com
- c####.mm####.com
- c.c####.com
- dup.baidust####.com
- ec####.b####.com
- h####.b####.com
- h####.c####.com
- hm.b####.com
- i####.c####.com
- i####.s####.com
- im####.s####.com
- mo####.b####.com
- p.i####.s####.com
- pco####.c####.com
- pos.b####.com
- s####.c####.com
- t####.sogo####.com
- wn.pos.b####.com
- www.c####.com
- zd.sd.07####.cn
- zi.si.07####.cn
- c####.baidust####.com/cpro/ui/cm.js
- c####.baidust####.com/cpro/ui/noexpire/img/2.0.1/new-icon@2x.png
- c####.baidust####.com/sync.htm?cproid=####
- c.c####.com/core.php?web_id=####&show=####&t=####
- c.c####.com/img/pic.gif
- c.c####.com/stat.php?id=####&web_id=####&show=####
- cf55####.got####.com/Js/mmjs.js
- cf55####.got####.com/css/mmtxt.css
- cf55####.got####.com/favicon.ico
- cf55####.got####.com/mmher/821.htm
- ec####.b####.com/rs.jpg?type=####&stamp=####
- gm.mm####.com/9.gif?abc=####&rnd=####
- hm.b####.com/h.js?307db47####
- hm.b####.com/hm.gif?cc=####&ck=####&cl=####&ds=####&vl=####&et=####&ja=#...
- i####.s####.com/ask?id=####&h=####&w=####&fv=####&if=####&sohuurl=####&r...
- i####.s####.com/ct?id=####&h=####&w=####&fv=####&if=####&sohuurl=####&re...
- im####.s####.com.####.com/cs/jsfile/js/c.js
- p.i####.s####.com/nvwa/tw16.jpg
- p.i####.s####.com/nvwa/tw17.jpg
- p.i####.s####.com/nvwa/tw20.jpg
- pco####.ta####.com/app.gif?&cna=####
- pos.b####.com/auto_dup?psi=####&di=####&dri=####&dis=####&dai=####&ps=##...
- pos.b####.com/sync_pos.htm?cproid=####
- pos.b####.com/xcxm?conwid=####&conhei=####&rdid=####&dc=####&exps=####&p...
- pos.b####.com/xcxm?psi=####&di=####&dri=####&dis=####&dai=####&ps=####&c...
- t####.sogo####.com.####.com/pc/js/co.js
- t####.sogo####.com.####.com/pc/js/fc.js?v=####
- t####.sogo####.com.####.com/testgpimg/pc_logo6.png
- t####.sogo####.com.####.com/testgpimg/pc_tip.png
- t####.sogo####.com.####.com/testgpimg/pc_tip_on.png
- wn.pos.b####.com/adx.php?c=####
- z.c####.com/stat.htm?id=####&r=####&lg=####&ntime=####&cnzz_eid=####&sho...
- zd.sd.07####.####.net/offer/20171206/201712061752304.png
- zd.sd.07####.####.net/offer/20181204/201812041054103.png
- zd.sd.07####.####.net/offer/20181204/201812041054759.png
- zd.sd.07####.####.net/offer/20190403/201904031138116.apk
- zd.sd.07####.####.net/offer/20190403/201904031407486.png
- zd.sd.07####.####.net/offer/20190430/201904301011837.apk
- zi.si.07####.cn/1im/0f28/ee7
- zi.si.07####.cn/1im/0f28/pe7
- zi.si.07####.cn/1im/0f28/qe7
- zi.si.07####.cn/1im/0f28/re7
- zi.si.07####.cn/1im/0f28/se7
- zi.si.07####.cn/1im/0f28/te7
- zi.si.07####.cn/1im/0f28/ue7
- zi.si.07####.cn/1im/0f28/we7
- /data/data/####/ApplicationCache.db-journal
- /data/data/####/ApplicationCache.db-journal (deleted)
- /data/data/####/__pasys_remote_banner.tmp.jar
- /data/data/####/_mgmi_r.xml
- /data/data/####/_mhmiqs.xml
- /data/data/####/_mjtmip.xml
- /data/data/####/_sami_w.xml
- /data/data/####/data_0
- /data/data/####/data_1
- /data/data/####/data_2
- /data/data/####/data_3
- /data/data/####/index
- /data/data/####/nzzh.stbp.zfaw.jar
- /data/data/####/webview.db-journal
- /data/data/####/webviewCookiesChromium.db-journal
- /data/data/####/zscom.db
- /data/data/####/zscom.db-journal
- /data/media/####/.nomedia
- /data/media/####/2d68cd5330130c643330691a6d88af7c.tmp
- /data/media/####/3676186eba272
- /data/media/####/6eec05aaf91db9e68f9960a74aff3b43.tmp
- /data/media/####/9506cb1659705
- /data/media/####/b102e7ab33e73
- /data/media/####/d27a914aaa38c
- /data/media/####/zf.db
- /data/media/####/zf.db-journal
- chmod 777 /storage/emulated/0/download/omzh//2d68cd5330130c643330691a6d88af7c.tmp
- chmod 777 /storage/emulated/0/download/omzh//6eec05aaf91db9e68f9960a74aff3b43.tmp
- cflib
- zylib
- DES
- DES