Техническая информация
- '%TEMP%\91assistant_5.0559.sfx.exe'
- '%PROGRAM_FILES%\Е®ЙсБЄГЛ\yxheziyin_nslm.exe'
- '%TEMP%\91assistant_5.0559.sfx.exe' (загружен из сети Интернет)
- '<SYSTEM32>\DllHost.exe' /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
- %PROGRAM_FILES%\602game\nslm\static.ini
- %PROGRAM_FILES%\602game\nslm\nslm.exe
- %PROGRAM_FILES%\Е®ЙсБЄГЛ\yxheziyin_nslm.exe
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Е®ЙсБЄГЛ.lnk
- C:\Users\Public\Desktop\Е®ЙсБЄГЛ.lnk
- %TEMP%\91assistant_5.0559.sfx.exe
- %TEMP%\nst72C1.tmp\NSISdl.dll
- %TEMP%\nsn72B0.tmp
- %TEMP%\reply.htm
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\tongji[1]
- %TEMP%\nst72C1.tmp\inetc.dll
- %TEMP%\nst72C1.tmp\NSISdl.dll
- %TEMP%\nst72C1.tmp\inetc.dll
- 'bo#.#xdown.com':80
- 'dl.##.91.com':80
- bo#.#xdown.com/tongji/?w=###################################
- dl.##.91.com/business/assistant/91assistant_5.0559.sfx.exe
- DNS ASK bo#.#xdown.com
- DNS ASK dl.##.91.com