Техническая информация
- '%WINDIR%\tpqee\bibibei32.exe'
- '%WINDIR%\tpqee\bibibei.exe'
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://www.ne##y.com/cpm/10102/10194.jsp?s=##########
- '<SYSTEM32>\reg.exe' delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bibibei /f
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\tpqee\_dk.bat
- '<SYSTEM32>\regsvr32.exe' /s "%PROGRAM_FILES%\±И±ИЯВ\bibibei.dll"
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://u.##wan.com/cj/direct/628138.html
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://www.un###big.com/v.html?P=###################
- %ALLUSERSPROFILE%\Start Menu\Programs\±И±ИЯВ\±И±ИЯВ№Щ·ЅНшХѕ.lnk
- %PROGRAM_FILES%\±И±ИЯВ\bibibei.ico
- %ALLUSERSPROFILE%\Start Menu\Programs\±И±ИЯВ\Р¶ФШ.lnk
- %WINDIR%\tpqee\_dk.bat
- %PROGRAM_FILES%\±И±ИЯВ\Р¶ФШ.exe
- %WINDIR%\tpqee\bibibei32.exe
- %WINDIR%\tpqee\bibibei.exe
- %PROGRAM_FILES%\±И±ИЯВ\bibibei.dll
- %PROGRAM_FILES%\±И±ИЯВ\±И±ИЯВ№Щ·ЅНшХѕ.url
- %TEMP%\nsq2.tmp\System.dll
- %WINDIR%\tpqee\bibibei32.exe
- %WINDIR%\tpqee\bibibei.exe
- %TEMP%\nsq2.tmp\System.dll
- 'localhost':1041
- 'localhost':1043
- 'localhost':1045
- 'localhost':1037
- 't.###ibei.com':80
- 'localhost':1039
- t.###ibei.com/thinker/install.do
- DNS ASK www.un###big.com
- DNS ASK www.ne##y.com
- DNS ASK t.###ibei.com
- DNS ASK u.##wan.com
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'