Техническая информация
- '%TEMP%\kingsoftkonline\KINSTALLERS_66_4657.exe' /s
- '<SYSTEM32>\KINSTALLERS_66_4657.exe'
- '%TEMP%\kingsoftkonline\KINSTALLERS_66_4657.exe' (загружен из сети Интернет)
- ClassName: '(null)' WindowName: 'Process Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'Registry Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'RegmonClass' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'File Monitor - Sysinternals: www.sysinternals.com'
- ClassName: 'GBDYLLO' WindowName: '(null)'
- ClassName: 'OLLYDBG' WindowName: '(null)'
- ClassName: 'FilemonClass' WindowName: '(null)'
- ClassName: 'pediy06' WindowName: '(null)'
- %TEMP%\kingsoftkonline\KINSTALLERS_66_4657.exe.tmp
- <SYSTEM32>\tb.ini
- <SYSTEM32>\KINSTALLERS_66_4657.exe
- %TEMP%\kingsoftkonline\KINSTALLERS_66_4657.exe.tmp в %TEMP%\kingsoftkonline\KINSTALLERS_66_4657.exe
- 'cd###.www.duba.net':80
- 'bo.###a.net:8080':80
- 'fa###.so88.org':80
- cd###.www.duba.net/duba/install/2011/ever/akavsetups_66_0.exe
- bo.###a.net:8080/pagetracer2/duba/__utm.gif?01#####################################################################################################################
- fa###.so88.org/tb/yz.txt
- DNS ASK cd###.www.duba.net
- DNS ASK bo.###a.net:8080
- DNS ASK fa###.so88.org
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'
- ClassName: '18467-41' WindowName: '(null)'