Technical Information
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://e.##168.com/?dn########
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://it##.taobao.com/auction/item_detail.htm?it####################
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://hi.##idu.com/dnf%C5%D8%CF%F8/blog/item/ad5418abe1950ef6faed5065.html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\item_detail[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ad5418abe1950ef6faed5065[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\e.ys168[1]
- 'e.##168.com':80
- 'hi.##idu.com':80
- 'it##.taobao.com':80
- 'localhost':1036
- 'localhost':1037
- 'localhost':1038
- it##.taobao.com/auction/item_detail.htm?it####################
- hi.##idu.com/dnf%C5%D8%CF%F8/blog/item/ad5418abe1950ef6faed5065.html
- e.##168.com/?dn########
- DNS ASK it##.taobao.com
- DNS ASK hi.##idu.com
- DNS ASK e.##168.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''