Technical Information
- '%TEMP%\~!09wte09.tmp'
- '%TEMP%\~!09wxe09.tmp'
- '%TEMP%\~!09wee09.tmp'
- '%TEMP%\~!0958e09.tmp'
- '%TEMP%\~!09wte09.tmp' (downloaded from the Internet)
- '%TEMP%\~!09wxe09.tmp' (downloaded from the Internet)
- '%TEMP%\~!0958e09.tmp' (downloaded from the Internet)
- '%TEMP%\~!09wee09.tmp' (downloaded from the Internet)
- %TEMP%\~!09wxe09.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\dnf01[1].htm
- %TEMP%\~!09wte09.tmp
- %TEMP%\~!0958e09.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\fuyun[1].htm
- %TEMP%\~!09wee09.tmp
- 'www.dn##1.com':80
- 'sb.#55t.com':80
- 'localhost':1035
- sb.#55t.com/fuyun/2.bin
- sb.#55t.com/fuyun/3.bin
- sb.#55t.com/fuyun/4.bin
- sb.#55t.com/fuyun/1.bin
- www.dn##1.com/mfsm/fuyun/fuyun.htm
- www.dn##1.com/dnf01.htm
- DNS ASK www.dn##1.com
- DNS ASK sb.#55t.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''