Техническая информация
- %TEMP%\hahayx1.exe
- %PROGRAM_FILES%\Baidu\AddressBar\ASBarBroker.exe -RegServer
- %TEMP%\taobao.exe
- %TEMP%\Setupnn.exe
- <SYSTEM32>\cmd.exe /c %TEMP%\$$30689.bat
- %TEMP%\nse5.tmp\modern-header.bmp
- %TEMP%\nse5.tmp\InstallOptions.dll
- %ALLUSERSPROFILE%\Start Menu\Programs\百度地址栏\百度地址栏官网.url
- %TEMP%\nse5.tmp\ioSpecial.ini
- %TEMP%\nse5.tmp\modern-wizard.bmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\lcun709[1].txt
- %TEMP%\$$30689.bat
- %ALLUSERSPROFILE%\Start Menu\Programs\百度地址栏\卸载百度地址栏.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\lcun709[1].txt
- %TEMP%\JNNQNHVTPDR.zbc
- %TEMP%\hahayx1.exe
- %HOMEPATH%\Desktop\Internet Explorer.URL
- %TEMP%\Setupnn.exe
- %TEMP%\nsp2.tmp\System.dll
- %TEMP%\taobao.exe
- %PROGRAM_FILES%\Baidu\AddressBar\AddressBar.dll
- %PROGRAM_FILES%\Baidu\AddressBar\ASBarBroker.exe
- %PROGRAM_FILES%\Baidu\AddressBar\AddressBar_Tmp\AddressBar.dll
- %HOMEPATH%\Favorites\====НшЦ·Ц®јТ====.URL
- %TEMP%\nsp2.tmp\ShellLink.dll
- %TEMP%\JNNQNHVTPDR.zbc
- %TEMP%\nsp2.tmp\System.dll
- %TEMP%\nsp2.tmp\ShellLink.dll
- 'hi##.qqjes.com':80
- 'localhost':1037
- hi##.qqjes.com/pages/lcun709.txt
- DNS ASK hi##.qqjes.com
- DNS ASK ud#.#job123.com
- 'ud#.#job123.com':31803
- ClassName: 'Shell_TrayWnd' WindowName: ''