Техническая информация
- '%PROGRAM_FILES%\ksbinstaller_s_66_49146.exe'
- '%PROGRAM_FILES%\KAVSETUPS_66_82255.exe'
- '%TEMP%\RarSFX0\软件印章大师.exe'
- '%TEMP%\RarSFX0\svchost.exe'
- '%PROGRAM_FILES%\KAVSETUPS_66_82255.exe' (загружен из сети Интернет)
- '%PROGRAM_FILES%\ksbinstaller_s_66_49146.exe' (загружен из сети Интернет)
- %TEMP%\RarSFX0\svchost.exe
- %TEMP%\RarSFX0\软件印章大师.exe
- %TEMP%\RarSFX0\软件印章大师.exe
- %TEMP%\RarSFX0\svchost.exe
- 'd.#####.ijinshan.com':80
- 'dl.####n.ijinshan.com':80
- d.#####.ijinshan.com/weishi/link/setups_66_61972.exe
- dl.####n.ijinshan.com/duba/link/KAVSETUPS_66_82255.exe
- dl.####n.ijinshan.com/liebao/link/ksbinstaller_s_66_49146.exe
- DNS ASK d.#####.ijinshan.com
- DNS ASK dl.####n.ijinshan.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'