Техническая информация
- '%TEMP%\1028879B-BAB0-7891-A084-9B3DEB844F6E\IME.exe' /S /NOTRAY
- '%TEMP%\1028879B-BAB0-7891-A084-9B3DEB844F6E\Runner.exe' -exename=IME.exe -offername=offer_57 -cmdln="/S /NOTRAY" -affilid=127363
- '%TEMP%\IMEBabylon.exe' -affilid=127363
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\get_install_msg[1].htm
- <SYSTEM32>\baidujp20.cfg
- <LS_APPDATA>\Baidu\IME\3.4.0.10\Log\IME.log
- %TEMP%\baidu_jp_ime\update\newver.xml
- %TEMP%\nsa2.tmp\Registry.dll
- %TEMP%\IMEBabylon.exe
- %TEMP%\1028879B-BAB0-7891-A084-9B3DEB844F6E\Runner.exe
- %TEMP%\1028879B-BAB0-7891-A084-9B3DEB844F6E\IME.exe
- 'do#####d.ime.baidu.jp':80
- 'sy##.#me.baidu.jp':80
- 'st##.##fo-stream.net':80
- do#####d.ime.baidu.jp/newver.xml
- st##.##fo-stream.net/report.php?no##############################################################################################
- sy##.#me.baidu.jp/cgi-bin/get_install_msg.cgi
- DNS ASK do#####d.ime.baidu.jp
- DNS ASK sy##.#me.baidu.jp
- DNS ASK st##.##fo-stream.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'