Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '360НшВз°ІИ«' = '%PROGRAM_FILES%\haokan\haokan.exe'
- %PROGRAM_FILES%\haokan\haokan.exe
- %WINDIR%\12399.ico
- %PROGRAM_FILES%\haokan\haokan.exe
- %PROGRAM_FILES%\haokan\krnln.fnr
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\aztj[1].html
- %HOMEPATH%\Desktop\МФ±¦ИИВф.lnk
- %PROGRAM_FILES%\haokan\iext.fnr
- %PROGRAM_FILES%\haokan\eCompress.fne
- %PROGRAM_FILES%\haokan\downlib.fne
- %PROGRAM_FILES%\haokan\Install.ini
- %PROGRAM_FILES%\haokan\WebBrowser2.fne
- %PROGRAM_FILES%\haokan\shell.fne
- %PROGRAM_FILES%\haokan\iext2.fne
- C:\114Downloads\YoudaoDict_zhusha_maidong_0027.zip в C:\114Downloads\YoudaoDict_zhusha_maidong_0027.exe
- C:\114Downloads\FunshionInstall.zip в C:\114Downloads\FunshionInstall.exe
- '39##1.cn':80
- 's.###link.com':80
- 'localhost':1038
- 'www.39##1.cn':80
- s.###link.com/link/127088/
- www.39##1.cn/zhibo8ba/setup_open_192.exe
- s.###link.com/link/115849/
- www.39##1.cn/zhibo8ba/FunshionInstall.zip
- 39##1.cn/tj/aztj.html
- www.39##1.cn/zhibo8ba/YoudaoDict_zhusha_maidong_0027.zip
- DNS ASK s.###link.com
- DNS ASK 39##1.cn
- DNS ASK www.39##1.cn
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''