Техническая информация
- скрытых файлов
- расширений файлов
- '%TEMP%\~nsu.tmp\Au_.exe' _?=%TEMP%\
- '%TEMP%\uninst.exe'
- '%TEMP%\nsm3.tmp\ns4.tmp' %TEMP%\360.bat /c
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://tj.#####code.meibu.com:8080/alltj.html?36#
- '<SYSTEM32>\wscript.exe' %TEMP%\main.vbs
- <SYSTEM32>\cmd.exe
- %TEMP%\uninst.exe
- %TEMP%\temp.ini
- %TEMP%\nsm3.tmp\System.dll
- %TEMP%\nss8.tmp
- %TEMP%\~nsu.tmp\Au_.exe
- %TEMP%\nse6.tmp
- %TEMP%\nsm3.tmp\InetLoad.dll
- %PROGRAM_FILES%\Internet Explorer\ie.amico
- %TEMP%\nsr2.tmp
- %TEMP%\nsm3.tmp\KillProcDLL.dll
- %TEMP%\nsm3.tmp\ns4.tmp
- %TEMP%\nsm3.tmp\nsExec.dll
- %TEMP%\nsm3.tmp\System.dll
- %TEMP%\uninst.exe
- %TEMP%\temp.ini
- %TEMP%\nsm3.tmp\nsExec.dll
- %TEMP%\nsm3.tmp\ns4.tmp
- %TEMP%\nsm3.tmp\InetLoad.dll
- %TEMP%\nsm3.tmp\KillProcDLL.dll
- 'tj.####-code.meibu.com':8080
- 'localhost':1041
- 'do##.###d-code.meibu.com':8080
- DNS ASK tj.####-code.meibu.com
- DNS ASK do##.###d-code.meibu.com
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'