Техническая информация
- '%TEMP%\setup_qd206.exe'
- '%TEMP%\setup_3038.exe'
- '%TEMP%\setup_qd206.exe' (загружен из сети Интернет)
- '%TEMP%\setup_3038.exe' (загружен из сети Интернет)
- %TEMP%\setup_3038.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\setup_qd206[1].txt
- %TEMP%\nsp5.tmp\inetc.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\setup_3038[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\1[1].txt
- %TEMP%\2.exe
- %TEMP%\setup_qd206.exe
- %TEMP%\nsp5.tmp\Base64.dll
- %PROGRAM_FILES%\realplay\uninst.exe
- %TEMP%\nsh2.tmp\inetc.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\iplookup[1].php
- %TEMP%\nsh2.tmp\System.dll
- %TEMP%\nsh2.tmp\Base64.dll
- %TEMP%\nsp5.tmp\System.dll
- %HOMEPATH%\Start Menu\Programs\realplay\Uninstall.lnk
- %TEMP%\i.dll
- %TEMP%\nsh3.tmp
- %TEMP%\nsp5.tmp\inetc.dll
- %TEMP%\nsp5.tmp\System.dll
- %TEMP%\nsh3.tmp
- %TEMP%\nsp5.tmp\Base64.dll
- 'do##.guangsu.cn':80
- 'www.jl##st.com':80
- 'in#.###ol.sina.com.cn':80
- 'do##.yinyue.fm':80
- do##.guangsu.cn/qdn/setup_qd206.txt
- www.jl##st.com/dl//1.txt
- in#.###ol.sina.com.cn/iplookup/iplookup.php
- do##.yinyue.fm/open/setup_3038.txt
- DNS ASK do##.guangsu.cn
- DNS ASK www.jl##st.com
- DNS ASK in#.###ol.sina.com.cn
- DNS ASK do##.yinyue.fm
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'