Техническая информация
- '%TEMP%\qliao2.exe' /sp- /verysilent /norestart
- '<LS_APPDATA>\DDVInstall.exe'
- '%TEMP%\qliao2.exe' (загружен из сети Интернет)
- %TEMP%\qliao2.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\default[1].htm
- <LS_APPDATA>\Client.ini
- %TEMP%\~1.bat
- <LS_APPDATA>\DDVInstall.exe
- %TEMP%\~1.bat
- <LS_APPDATA>\Client.ini
- <LS_APPDATA>\DDVInstall.exe
- %TEMP%\~1.bat
- 'www.91##5.com':80
- 'www.xu###i100.com':80
- 'localhost':1037
- www.91##5.com/DownLoad/File/VersionInfo/default.htm
- www.xu###i100.com/youbak/software/partner/4/qliao2.exe
- DNS ASK www.91##5.com
- DNS ASK www.xu###i100.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''