Техническая информация
- '%TEMP%\kingsoftkonline\KINSTALLERS_66_48071.exe' /s
- 'C:\KINSTALLERS_66_48071.exe'
- 'C:\down_s_66_46181.exe'
- '%TEMP%\kingsoftkonline\KINSTALLERS_66_48071.exe' (загружен из сети Интернет)
- %TEMP%\send_b40.gz
- <LS_APPDATA>\liebao\Bootsetup\2.1.11.3341\66\boot_setup.pack.tmp
- %TEMP%\kingsoftkonline\KINSTALLERS_66_48071.exe.tmp
- <Текущая директория>\SkinH_EL.dll
- C:\down_s_66_46181.exe
- C:\KINSTALLERS_66_48071.exe
- <Текущая директория>\SkinH_EL.dll
- <LS_APPDATA>\liebao\Bootsetup\2.1.11.3341\66\boot_setup.pack
- %TEMP%\send_b40.gz
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\kingsoftkonline\KINSTALLERS_66_48071.exe.tmp в %TEMP%\kingsoftkonline\KINSTALLERS_66_48071.exe
- <LS_APPDATA>\liebao\Bootsetup\2.1.11.3341\66\boot_setup.pack.tmp в <LS_APPDATA>\liebao\Bootsetup\2.1.11.3341\66\boot_setup.pack
- 'bo.###a.net:8080':80
- 'cd###.www.duba.net':80
- 'li####.tj.ijinshan.com':80
- 'up.##ebao.cn':80
- cd###.www.duba.net/duba/install/2011/ever/kavsetyups_66_0.exe
- bo.###a.net:8080/pagetracer2/duba/__utm.gif?01#####################################################################################################################
- up.##ebao.cn/liebao/boot_setup.php?pi####################
- li####.tj.ijinshan.com/data/
- DNS ASK bo.###a.net:8080
- DNS ASK cd###.www.duba.net
- DNS ASK li####.tj.ijinshan.com
- DNS ASK up.##ebao.cn
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'