Техническая информация
- %WINDIR%\Tasks\Kuho_Install_Program.job
- '%TEMP%\3.exe'
- '%TEMP%\44.exe'
- '%TEMP%\GLJ5.tmp' <SYSTEM32>\AdvSC.dll
- '%TEMP%\_K10.tmp' /S /v/qn /vendor=bcnet-022
- '%TEMP%\RarSFX0\enrtins_final.exe' bcnet-022
- '%TEMP%\11.exe'
- '%TEMP%\2.exe'
- '%TEMP%\_K10.tmp' (загружен из сети Интернет)
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\RarSFX0\bcnet022.bat" "
- %TEMP%\3.exe
- %TEMP%\_K10.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\kuho[1].exe
- %TEMP%\44.exe
- <SYSTEM32>\~GLH0000.TMP
- %TEMP%\GLJ5.tmp
- %TEMP%\GLC4.tmp
- %TEMP%\RarSFX0\enrtins_final.exe
- %TEMP%\RarSFX0\bcnet022.bat
- %TEMP%\11.exe
- %TEMP%\2.exe
- %TEMP%\nsj3.tmp\NSISdl.dll
- %TEMP%\nsj3.tmp\System.dll
- %TEMP%\nse2.tmp
- %TEMP%\GLC4.tmp
- %TEMP%\GLJ5.tmp
- %TEMP%\nsj3.tmp\System.dll
- %TEMP%\nsj3.tmp\NSISdl.dll
- %TEMP%\_K10.tmp
- %WINDIR%\Tasks\Kuho_Install_Program.job
- %TEMP%\RarSFX0\bcnet022.bat
- %TEMP%\RarSFX0\enrtins_final.exe
- <SYSTEM32>\~GLH0000.TMP в <SYSTEM32>\AdvSC.dll
- 'any':80
- 'do####ad.kuho.com':80
- 'localhost':1036
- do####ad.kuho.com/popu/mini/kuho.exe
- DNS ASK fi##.#qhelper.com
- DNS ASK CL###T.ZCOM.COM
- DNS ASK do####ad.kuho.com
- DNS ASK fi###.qqhelper.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'