Техническая информация
- %TEMP%\FunshionInstall.exe
- %TEMP%\guagua.exe
- %TEMP%\300.exe
- %TEMP%\TJ10030.exe
- %TEMP%\setup12.exe
- %TEMP%\123.exe
- %TEMP%\300.exe (загружен из сети Интернет)
- %TEMP%\TJ10030.exe (загружен из сети Интернет)
- %TEMP%\123.exe (загружен из сети Интернет)
- %TEMP%\setup12.exe (загружен из сети Интернет)
- %TEMP%\guagua.exe (загружен из сети Интернет)
- %TEMP%\FunshionInstall.exe (загружен из сети Интернет)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\300[1].exe
- %TEMP%\guagua.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\guagua[1].exe
- %TEMP%\TJ10030.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\TJ10030[1].exe
- %TEMP%\300.exe
- %TEMP%\FunshionInstall.exe
- %TEMP%\setup12.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\setup12[1].exe
- %TEMP%\nsd2.tmp\inetc.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\FunshionInstall[1].exe
- %TEMP%\123.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\123[1].exe
- %TEMP%\nsd2.tmp\inetc.dll
- 'ww##.e-soso.com':80
- ww##.e-soso.com/pop/guagua.exe
- ww##.e-soso.com/pop/uus/300.exe
- ww##.e-soso.com/tj/TJ10030.exe
- ww##.e-soso.com/pop/setup12.exe
- ww##.e-soso.com/pop/123.exe
- ww##.e-soso.com/pop/FunshionInstall.exe
- DNS ASK ww##.e-soso.com
- ClassName: 'Shell_TrayWnd' WindowName: ''