Техническая информация
- '%TEMP%\RarSFX0\m.exe' "http://so##.#hinaitlm.cn/soft/YoudaoDict_zhusha_quantui_001.exe"
- '%TEMP%\RarSFX0\m.exe' "http://do####ad.youbak.com/msn/software/partner/36a.exe"
- '%TEMP%\RarSFX0\m.exe' "http://www.xu###i6x.com/msn/software/partner/1/MiguMusic6.exe"
- '%TEMP%\RarSFX0\m.exe' "http://in.##inaitlm.cn/7xdown.exe"
- '%APPDATA%\JjlDownLoader\0CloudEx_onlinesetup.exe'
- '%APPDATA%\JjlDownLoader\0CloudEx_onlinesetup.exe' (загружен из сети Интернет)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\YoudaoDict_zhusha_quantui_001[1].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\36a[1].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\MiguMusic6[1].exe
- %TEMP%\RarSFX0\m.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\7xdown[1].exe
- %APPDATA%\JjlDownLoader\0CloudEx_onlinesetup.exe
- %TEMP%\RarSFX0\m.exe
- %APPDATA%\JjlDownLoader\0CloudEx_onlinesetup.exe
- 'do####ad.youbak.com':80
- 'localhost':1041
- 'www.xu###i6x.com':80
- 'localhost':1043
- 'in.##inaitlm.cn':80
- 'localhost':1036
- 'so##.#hinaitlm.cn':80
- 'localhost':1039
- do####ad.youbak.com/msn/software/partner/36a.exe
- www.xu###i6x.com/msn/software/partner/1/MiguMusic6.exe
- in.##inaitlm.cn/7xdown.exe
- so##.#hinaitlm.cn/soft/YoudaoDict_zhusha_quantui_001.exe
- DNS ASK do####ad.youbak.com
- DNS ASK www.xu###i6x.com
- DNS ASK in.##inaitlm.cn
- DNS ASK so##.#hinaitlm.cn
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''