Техническая информация
- '<Текущая директория>\csolfreejs.exe'
- '%TEMP%\dh234.exe' /S
- %PROGRAM_FILES%\baidu\bar\baidubartmp
- %PROGRAM_FILES%\baidu\bar\BaiduBar.dll
- <Текущая директория>\csolfreejs.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ver[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\hackwr[1]
- %PROGRAM_FILES%\baidu\bar\baidubar.dat
- %TEMP%\dh234.exe
- %TEMP%\nsn2.tmp
- %TEMP%\nsq4.tmp
- %PROGRAM_FILES%\baidu\bar\img\logo.bmp
- %PROGRAM_FILES%\baidu\bar\img\imglist.bmp
- <Текущая директория>\csolfreejs.exe
- %PROGRAM_FILES%\baidu\bar\baidubartmp
- 'www.ha##wr.cn':80
- 'localhost':1035
- www.ha##wr.cn/csolwg/js/ver.txt
- www.ha##wr.cn/
- DNS ASK www.ha##wr.cn
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'