Техническая информация
- '%WINDIR%\syswow64\taskkill.exe' /f /im Ksafetray.exe
- %APPDATA%\spiritsoft\urlspirit\jlguaji.exe
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\bzjx5bke\loading_status[1]
- %APPDATA%\spiritsoft\urlspirit\product.dat
- http://ur#####it.spiritsoft.cn/urlcore/olgjcfgs.dat?q=##
- http://ur#####it.spiritsoft.cn/urlcore/olgjcfgs.dat?q=#####
- http://ba##.#piritsoft.cn/urlcore/olgjcfgs.dat?q=####
- http://ba##.#piritsoft.cn/urlcore/olgjcfgs.dat?q=#####
- DNS ASK ur#####it.spiritsoft.cn
- DNS ASK ba##.#piritsoft.cn
- DNS ASK ur#####it.urlspirit.com
- ClassName: '' WindowName: '流量精灵挂机版 4.0.1'
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- ClassName: 'Edit' WindowName: ''
- ClassName: 'Button' WindowName: '开始挂机'
- '%APPDATA%\spiritsoft\urlspirit\jlguaji.exe'
- '%WINDIR%\syswow64\taskkill.exe' /f /im Ksafetray.exe' (со скрытым окном)
- '%APPDATA%\spiritsoft\urlspirit\jlguaji.exe' ' (со скрытым окном)