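Technical Information
Note: the sub-headings of this report appear to have been lost, so the entries below run together. In order they are: file-system paths, connection targets given as host:port, HTTP request URLs, DNS queries, and window class names. The `#` characters in host names appear to be masking applied by the source, so these names cannot be used verbatim as blocklist or detection entries.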
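- %WINDIR%\svchost.exe (the genuine Windows svchost.exe resides in <SYSTEM32>; a file of that name directly under %WINDIR% is a masquerading indicator)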
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\5266[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\iclk[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\tongji[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\3214[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\lelev8[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\feixiandao.uueasy[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\wstv[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\index-htm-m-bbs-cateid-6[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\6625[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\1118-DnYCM[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\List[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\tv[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\llv8[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\tongji[2]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\jiangzei[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\520[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\wuye[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\iclk[2]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\5266[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\52shanhu[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\tv[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\kubo51[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\le6tv[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\nitian[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\nitian[2].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\tongji[1]
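- <SYSTEM32>\caonima.ime (.ime is the extension of Input Method Editor modules, which are DLLs that Windows loads into processes using that input method; the page does not show how this file is registered)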
- %WINDIR%\svchost.exe
- <SYSTEM32>\Software.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\87dyw[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\xiaoyuang.ys168[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\1[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\gaga[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\jueai[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\dj[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\5266[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\tongji[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\nitian[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\nitiane[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\tongji[2]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\nitian[2].htm
- <SYSTEM32>\caonima.ime
- <SYSTEM32>\Software.dll
- 'www.ew##ai.com':80
- 'www.52#6.me':80
- 'www.66#5.me':80
- 'www.52###nhu.com':80
- 'fe#####dao.uueasy.com':80
- 'www.le##v8.net':80
- 'www.13###21kan.com':80
- 'www.77##k.com':80
- 'www.ll#8.cc':80
- 'www.32#4.cn':80
- 'www.66##.com':80
- 'www.66##kan.com':80
- 'www.le##v.com':80
- 'localhost':1041
- 'www.87##w.com':80
- 'localhost':1035
- 'xi####ang.ys168.com':80
- 'www.ku##51.com':80
- 'www.52##dy.com':80
- 'www.11##1wg.com':80
- 'www.11##1wg.net':80
- 'www.04##dj.com':80
- '77##k.com':80
- www.11##1wg.net/tongji/
- www.52#6.me/?ju###
- www.32#4.cn/?ju###
- www.le##v8.net/?ju###
- www.ew##ai.com/iclk/?zo##############
- fe#####dao.uueasy.com/index-htm-m-bbs-cateid-6.html
- fe#####dao.uueasy.com/
- www.66#5.me/?ju###
- www.66#5.me/soft/Dn_YCM/1118-DnYCM.htm
- www.66##.com/wuye.html
- www.ll#8.cc/?ju###
- www.le##v.com/List.asp?Cl########
- www.77##k.com/tongji/
- www.13###21kan.com/jiangzei/
- www.le##v.com/tv
- www.ew##ai.com/iclk/?zo################
- www.66##.com/520.html
- www.le##v.com/5266.html
- www.52###nhu.com/
- www.11##1wg.net/nitian.htm
- 77##k.com/tongji/
- www.52##dy.com/tongji/
- www.52##dy.com/nitian.htm
- www.04##dj.com/nitian.htm
- www.87##w.com/
- xi####ang.ys168.com/
- www.ku##51.com/
- www.le##v.com/
- www.11##1wg.com/nitiane.htm
- www.le##v.com/dj
- www.le##v.com/5266.htm
- www.87##w.com/wstv
- www.87##w.com/tv/
- www.52###nhu.com/jueai.htm
- www.66##kan.com/tongji/
- www.11##1wg.com/nitian.htm
- www.52###nhu.com/1.htm
- 77##k.com/gaga.htm
- DNS ASK www.52#6.me
- DNS ASK www.le##v8.net
- DNS ASK www.ew##ai.com
- DNS ASK fe#####dao.uueasy.com
- DNS ASK www.66#5.me
- DNS ASK www.32#4.cn
- DNS ASK www.13###21li.com
- DNS ASK www.04##kan.com
- DNS ASK www.13###21kan.com
- DNS ASK www.66##.com
- DNS ASK www.ll#8.cc
- DNS ASK www.52###nhu.com
- DNS ASK www.ku##51.com
- DNS ASK www.04##dj.com
- DNS ASK www.le##v.com
- DNS ASK xi####ang.ys168.com
- DNS ASK www.87##w.com
- DNS ASK 77##k.com
- DNS ASK www.66##kan.com
- DNS ASK www.77##k.com
- DNS ASK www.11##1wg.com
- DNS ASK www.11##1wg.net
- DNS ASK www.52##dy.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'CicLoaderWndClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''