Техническая информация
- '%WINDIR%\Temp\201192018822.exe'
- '%WINDIR%\Temp\201192018821.exe'
- Библиотека-обработчик для всех процессов: %WINDIR%\temp\cfgdll.dll
- %TEMP%\ad-mymacro9.xml
- %TEMP%\adcon\mm\tmpad.xml
- %WINDIR%\Temp\plugin\SYS.DLL
- %TEMP%\mymacro.zip
- %APPDATA%\qmacro\qdisp.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ad-mymacro[1].xml
- %WINDIR%\Temp\uservar.ini
- %WINDIR%\Temp\cfgdll.dll
- %TEMP%\2025.tmp
- %WINDIR%\Temp\2011915204647.exe
- %TEMP%\3.tmp
- %WINDIR%\Temp\201192018821.exe
- %WINDIR%\Temp\201192018822.exe
- %TEMP%\4.tmp
- %WINDIR%\Temp\plugin\REGDLL.DLL
- %WINDIR%\Temp\plugin\FILE.DLL
- %TEMP%\plugin.zip
- %WINDIR%\Temp\plugin\MSG.DLL
- %TEMP%\adcon\mm\tmpad.xml
- %TEMP%\mymacro.zip
- %TEMP%\plugin.zip
- %TEMP%\ad-mymacro9.xml.tmp в %TEMP%\ad-mymacro9.xml
- 'do##.#rbrothers.com':80
- 'ad.###rothers.com':80
- 'localhost':1038
- do##.#rbrothers.com/qmacro/up_mymacro/liveupdate8.dat
- ad.###rothers.com/qmacro/v9/ad-mymacro.xml
- DNS ASK hi.###rothers.com
- DNS ASK do##.#rbrothers.com
- DNS ASK ad.###rothers.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'