Техническая информация
Изменения в файловой системе
Создает следующие файлы
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\#cdn.comment.4399pk.com\settings.sxx
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\settings.sxx
- %APPDATA%\macromedia\flash player\#sharedobjects\gr8by44n\cdn.comment.4399pk.com\seed4399value.sxx
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\#s15.4399.com\settings.sxx
- %APPDATA%\macromedia\flash player\#sharedobjects\gr8by44n\s15.4399.com\seed4399value.sxx
- %LOCALAPPDATA%\microsoft\internet explorer\domstore\p4p79gg0\www.ucbug[1].xml
Удаляет следующие файлы
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\#cdn.comment.4399pk.com\settings.sol
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\settings.sol
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\#s15.4399.com\settings.sol
Перемещает следующие файлы
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\#cdn.comment.4399pk.com\settings.sxx в %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\#cdn.comment.4399pk.com\settings.sol
- %APPDATA%\macromedia\flash player\#sharedobjects\gr8by44n\cdn.comment.4399pk.com\seed4399value.sxx в %APPDATA%\macromedia\flash player\#sharedobjects\gr8by44n\cdn.comment.4399pk.com\seed4399value.sol
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\#s15.4399.com\settings.sxx в %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\#s15.4399.com\settings.sol
- %APPDATA%\macromedia\flash player\#sharedobjects\gr8by44n\s15.4399.com\seed4399value.sxx в %APPDATA%\macromedia\flash player\#sharedobjects\gr8by44n\s15.4399.com\seed4399value.sol
Подменяет следующие файлы
- %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\#cdn.comment.4399pk.com\settings.sxx
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\#cdn.comment.4399pk.com\settings.sol
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\settings.sxx
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\#s15.4399.com\settings.sxx
- %APPDATA%\macromedia\flash player\macromedia.com\support\flashplayer\sys\#s15.4399.com\settings.sol
Сетевая активность
TCP
Запросы HTTP GET
- http://www.43##.com/flash/130396.htm
- http://bd###.#hare.baidu.com/static/css/bdsstyle.css?cd#################
- http://www.uc##g.com/statics/2018pc/js/common.js
- http://bd###.#hare.baidu.com/static/images/is.png?cd#################
- http://www.43##.com/jss/play_hs1202.js
- http://www.43##.com/jss/4399.js
- http://43#####t.5054399.com/js/click.js
- http://www.43##.com/js/4399stat.js
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/UI/LoadingUI216.swf
- http://hm.##idu.com/hm.js?33##############################
- http://w.##zz.com/c.php?id#########
- http://hq###.cnzz.com/stat.htm?id################################################################################################################################################################...
- http://cd#.###ment.4399pk.com/control/ctrl_mo_v5.swf?20##########
- http://ns####k.baidu.com/v.gif?pi################################################################################################################################################################...
- http://gp##.#399api.net/s?ui#####################################################
- http://www.uc##g.com/statics/2018pc/js/plugin.js
- http://cd#.#2wq.com/scrtips/ucbug_8.29.js
- http://www.uc##g.com/statics/2018pc/js/jquery.min.js
- http://cd#.###an.4399sj.com/anti-indulge-frame/dist/drop/components/BubbleTip.js?v=#####
- http://cd#.###an.4399sj.com/anti-indulge-frame/dist/drop/libs/esl.js
- http://www.43##.com/jss/bjyx_20190130.js
- http://cd#.###an.4399sj.com/anti-indulge-frame/dist/drop/bubble_main.js?v=#####
- http://ne##.4399.com/js/bdshare.js?t=####
- http://cd#.###an.4399sj.com/anti-indulge-frame/dist/drop/libs/san.min.js?v=#####
- http://cd#.###an.4399sj.com/anti-indulge-frame/dist/drop/libs/css.min.js?v=#####
- http://cd#.###an.4399sj.com/anti-indulge-frame/dist/drop/assets/index.css?v=#####
- http://www.uc##g.com/statics/2018pc/js/html5.min.js
- http://cd#.###an.4399sj.com/anti-indulge-frame/dist/drop/components/BubbleTip.css?v=#####
- http://www.uc##g.com/
- http://st##.#pi.4399.com/flash_flow/log.js?g=#############################################################################################
- http://www.uc##g.com/statics/2018pc/css/style.css
- http://bd###.#hare.baidu.com/static/js/shell_v2.js?t=##
- http://bd###.#hare.baidu.com/static/js/logger.js?cd###############
- http://bd###.#hare.baidu.com/static/js/bds_s_v2.js?cd###############
- http://c.##zz.com/core.php?we#################
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/UI/AnniverUI216.swf
- http://st##.#pi.4399.com/flash_flow/end.js?g=#################################################################################################
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/effect/skillEffect214.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/effect/boomEffect200.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/effect/bulletHitEffect212.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/music/music_face216.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/music/music_main210.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/enemy/Bat.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/effect/generalEffect213.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/sound/sound213.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/hero/WenJie.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/hero/ZangShi.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/hero/XiaoMeiZombie.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/gun/specialGun216.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/weapon/weapon194.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/sound/uiSound.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/sound/boomSound.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/enemy/RifleHornetShooter.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/hero/XinLing.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/hero/Girl89.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/UI/BasicUI206.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/UI/IconGather216.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/UI/SkillIcon214.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/UI/AchieveIcon219.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/UI/ThingsIcon219.swf
- http://st##.#pi.4399.com/flashflowstatis/submitflowstatis.php?ga#################################################################################################################################...
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/UI/WilderUI196.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/UI/BodyImg214.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/equip/equipGather216.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/equip/equipIcon203.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/UI/uiGather219.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/gun/gunGather.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/effect/effectGather213.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/hero/Striker100.swf
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/swf/UI/MainUI217.swf
- http://cd#.###an.4399sj.com/anti-indulge-frame/dist/bubble.js
- http://www.uc##g.com/uploads/2018/1228/20181228083419501.png
- http://ne####g.5054399.com/images/comm/wenhuajingying_20-20.png
- http://www.43##.com/flashzt/img/newaobidao/ico.gif
- http://ne####g.5054399.com/uploads/userup/1904/0109340VH7.jpg
- http://ne####g.5054399.com/uploads/userup/2003/02114H53N3.jpg
- http://im###.5054399.com/upload_pic/2019/7/1/4399_16573281984.jpg
- http://im###.5054399.com/upload_pic/2020/1/18/4399_14512508722.jpg
- http://im###.5054399.com/upload_pic/2019/12/4/4399_17183525704.jpg
- http://www.43##.com/images/play/top_bar.gif
- http://im###.5054399.com/upload_pic/2019/5/6/4399_10373523681.jpg
- http://www.43##.com/images/flashadimg/bqyx_bg3_v2.jpg
- http://im###.5054399.com/upload_pic/2019/5/6/4399_09282629534.jpg
- http://www.43##.com/flashzt/img/bqyx/topbg.jpg
- http://im##.#054399.com/upload_pic/2019/5/6/4399_10211205181.jpg
- http://im##.#054399.com/upload_pic/2019/5/6/4399_14065058739.jpg
- http://im###.5054399.com/upload_pic/2019/9/27/4399_10212868673.jpg
- http://im###.5054399.com/upload_pic/2020/1/17/4399_15302138672.jpg
- http://ne####g.5054399.com/uploads/userup/1912/020944193644.jpg
- http://im###.5054399.com/upload_pic/2019/5/6/4399_10030703331.jpg
- http://ne####g.5054399.com/uploads/userup/2003/02114630EP.jpg
- http://www.43##.com/css/bqyx_20190130.css
- http://bq##.#ddata6.com/bqyxzsdata/banben.txt
- http://bq##.#ddata6.com/bqyxzsdata/zdbanben.txt
- http://bq##.#ddata6.com/bqyxzsdata/gonggao.txt
- http://bq##.#ddata6.com/bqyxzsdata/tj.html?V4##
- http://bq##.#ddata6.com/bqyxzsdata/tjrj.txt
- http://ne####g.5054399.com/js/checkMobile.js
- http://www.43##.com/jss/jquery-1.2.1.pack.js
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/xfkxv2191.htm
- http://www.43##.com/jss/trace_news.js
- http://www.43##.com/images/play/logo.gif
- http://www.43##.com/flashzt/img/bqyx/btn2.png
- http://ne####g.5054399.com/uploads/userup/2003/021142345A4.gif
- http://ne####g.5054399.com/uploads/allimg/190131/125_1841266881.jpg
- http://www.43##.com/flashzt/img/bqyx/btn1.png
- http://ne####g.5054399.com/uploads/userup/2003/021145292116.jpg
- http://s1#.#399.com/4399swf/js/chkDomain.js
- http://www.43##.com/flashzt/img/bqyx/bg4_v1.png
- http://pt####n.3304399.net/resource/ucenter.js
- http://cd#.###ment.4399pk.com/control/A4399dv_base_main.swf?20######
- http://www.43##.com/flashzt/img/bqyx/zb_bg.png
- http://www.43##.com/flashzt/img/bqyx/nav1.png
- http://st##.#pi.4399.com/xml.php?ra###########################################################################################################################################
- http://www.43##.com/jss/lazy_iframe.js
- http://www.43##.com/flashzt/img/bqyx/bg11.png
- http://st##.#pi.4399.com/flash_ad_version.xml?ra#######################
- http://www.43##.com/flashzt/img/bqyx/bg2.png
- http://www.43##.com/flashzt/img/bqyx/bg1_20150806.jpg
- http://www.43##.com/flashzt/img/bqyx0724/ins_tab.png
- http://www.43##.com/flashzt/img/bqyx20141106/ins_bg20150210.jpg
- http://www.43##.com/jss/unilogin_package.js
- http://www.43##.com/jss/news_footer.js
- http://cd#.###ment.4399pk.com/control/4399.swf?20######
- http://www.43##.com/imageyx/seer2012/hottop.gif
- http://www.43##.com/flashzt/img/bqyx/box1.png
- http://cd#.###ment.4399pk.com/control/A4399dv_base.swf?20######
- http://www.43##.com/flashzt/img/bqyx/bg10.png
- http://s4.##g4399.com/flashUniLogin/css/style.css?v=########
- http://www.43##.com/flashzt/img/bqyx20141106/bg5_2.png
- http://www.43##.com/flashzt/img/bqyx/bg6.png
- http://s1#.#399.com/4399swf/upload_swf/ftp15/linxy/20150324/gun/xfkxv2191.swf
- http://www.43##.com/flashzt/img/bqyx/libg_1.gif
- http://fp######ad2.macromedia.com/get/flashplayer/update/current/install/version.xml19.0.0.207~installVector=2&lang=en&cpuWordLength=64&playerType=ax&os=win&osVer=13
- http://pt####n.3304399.net/resource/css/base.css
- http://www.43##.com/flashzt/img/bqyx/zb_more.png
- http://st##.#pi.4399.com/crossdomain.xml
- http://www.43##.com/flashzt/img/bqyx20141106/bg7.png
- http://st##.#pi.4399.com/flash_ctrl_version.xml?ra###################
- http://www.43##.com/flashzt/img/bqyx20141106/bg8.png
- http://cd#.###ment.4399pk.com/crossdomain.xml
- http://cd#.###ment.4399pk.com/control/zwsf2-3.gif?20######
- http://www.43##.com/flashzt/img/bqyx/sr.png
- http://ne####g.5054399.com/images/comm/youxidzbq_20-20.png
- http://www.uc##g.com/uploads/icon/ce.png
UDP
- DNS ASK 43##.com
- DNS ASK c.##zz.com
- DNS ASK hq###.cnzz.com
- DNS ASK w.##zz.com
- DNS ASK gp##.#399api.net
- DNS ASK s9.#nzz.com
- DNS ASK 43#####t.5054399.com
- DNS ASK cd#.#2wq.com
- DNS ASK hm.##idu.com
- DNS ASK bd###.#hare.baidu.com
- DNS ASK uc##g.com
- DNS ASK ne##.4399.com
- DNS ASK cd#.###ment.4399pk.com
- DNS ASK st##.#pi.4399.com
- DNS ASK fp######ad2.macromedia.com
- DNS ASK cd#.###an.4399sj.com
- DNS ASK s4.##g4399.com
- DNS ASK pt####n.3304399.net
- DNS ASK im##.#054399.com
- DNS ASK im###.5054399.com
- DNS ASK s1#.#399.com
- DNS ASK ne####g.5054399.com
- DNS ASK s1#.#nzz.com
- DNS ASK bq##.#ddata6.com
- DNS ASK ns####k.baidu.com
- DNS ASK z1#.#nzz.com
Другое
Ищет следующие окна
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
