Technical Information
- '%PROGRAM_FILES%\yunboplayer\yunboplayer.exe'
- '<SYSTEM32>\DllHost.exe' /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
- %PROGRAM_FILES%\Favorite\ico\sg1.ico
- %PROGRAM_FILES%\Favorite\ico\tb1.ico
- %PROGRAM_FILES%\Favorite\ico\ie.ico
- %PROGRAM_FILES%\Favorite\ico\360.ico
- %PROGRAM_FILES%\Favorite\ico\ay.ico
- %HOMEPATH%\Desktop\МФ±¦Нш.lnk (mojibake: GBK bytes rendered as Windows-1251; the name decodes to 淘宝网.lnk)
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ubohe[1].txt
- %HOMEPATH%\Desktop\Internet Explorer.lnk
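- %HOMEPATH%\Desktop\ФЖІҐУ°КУєР.lnk (mojibake: GBK bytes rendered as Windows-1251; the name decodes to 云播影视盒.lnk)
- %HOMEPATH%\Desktop\360°ІИ«дЇААЖч.lnk (mojibake: GBK bytes rendered as Windows-1251; the name decodes to 360安全浏览器.lnk)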
- %PROGRAM_FILES%\Favorite\ico\23451.ico
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\pk.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\tv.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\min.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\max-2.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\menu.jpg
- %PROGRAM_FILES%\Favorite\МФ±¦Нш.url (mojibake: GBK bytes rendered as Windows-1251; the name decodes to 淘宝网.url)
- %PROGRAM_FILES%\Favorite\ico\123.ico
- %PROGRAM_FILES%\Favorite\ЛС№·µјєЅ.url (mojibake: GBK bytes rendered as Windows-1251; the name decodes to 搜狗导航.url)
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\zb.jpg
- %PROGRAM_FILES%\Favorite\2345µјєЅ.url (mojibake: GBK bytes rendered as Windows-1251; the name decodes to 2345导航.url)
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\bullet[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF7T7AK2\info_48[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOXZEUJX\info_48[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\BOWDBRP7\httpErrorPagesScripts[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOXZEUJX\HttpErrorPagesScripts[2]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF7T7AK2\background_gradient[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF7T7AK2\down[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\BOWDBRP7\bullet[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF7T7AK2\bullet[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\background_gradient[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOXZEUJX\HttpErrorPagesScripts[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF7T7AK2\dnserrordiagoff_webOC[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\BOWDBRP7\syntax[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\syntax[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF7T7AK2\tongji[1].php
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\BOWDBRP7\link[1].txt
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\errorPageStrings[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF7T7AK2\errorpagestrings[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOXZEUJX\errorpagestrings[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ErrorPageTemplate[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOXZEUJX\ErrorPageTemplate[1]
- %PROGRAM_FILES%\yunboplayer\favorite\МФ±¦Нш.url (mojibake: GBK bytes rendered as Windows-1251; the name decodes to 淘宝网.url)
- %PROGRAM_FILES%\yunboplayer\favorite\ico\123.ico
- %PROGRAM_FILES%\yunboplayer\favorite\ЛС№·µјєЅ.url (mojibake: GBK bytes rendered as Windows-1251; the name decodes to 搜狗导航.url)
- %PROGRAM_FILES%\yunboplayer\app\yunboapp.exe
- %PROGRAM_FILES%\yunboplayer\favorite\2345µјєЅ.url (mojibake: GBK bytes rendered as Windows-1251; the name decodes to 2345导航.url)
- %PROGRAM_FILES%\yunboplayer\favorite\ico\ie.ico
- %PROGRAM_FILES%\yunboplayer\favorite\ico\sg1.ico
- %PROGRAM_FILES%\yunboplayer\favorite\ico\ay.ico
- %PROGRAM_FILES%\yunboplayer\favorite\ico\23451.ico
- %PROGRAM_FILES%\yunboplayer\favorite\ico\360.ico
- %PROGRAM_FILES%\yunboplayer\app\loading.swf
- %TEMP%\nseFE8B.tmp\bbbb
- %PROGRAM_FILES%\yunboplayer\link.txt
- %TEMP%\nseFE8B.tmp\NSISdl.dll
- %TEMP%\nsyFE7B.tmp
- %TEMP%\nseFE8B.tmp\System.dll
- %PROGRAM_FILES%\yunboplayer\yunboplayer.exe
- %PROGRAM_FILES%\yunboplayer\app\loading.html
- %PROGRAM_FILES%\yunboplayer\update.exe
- %PROGRAM_FILES%\yunboplayer\tj.txt
- %PROGRAM_FILES%\yunboplayer\ubohe.db
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\dibulan.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\hp.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\bj.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\bf.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\biaotilan.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\lt.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\max-1.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\logo.tif
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\list.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\logo.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\skin\Close.jpg
- %PROGRAM_FILES%\yunboplayer\uboskin\uboplaylist.xml
- %PROGRAM_FILES%\yunboplayer\uboskin\app\loading.html
- %PROGRAM_FILES%\yunboplayer\uboskin\icon.ico
- %PROGRAM_FILES%\yunboplayer\favorite\ico\tb1.ico
- %PROGRAM_FILES%\yunboplayer\uboskin\config.ini
- %PROGRAM_FILES%\yunboplayer\uboskin\html\loading.swf
- %PROGRAM_FILES%\yunboplayer\uboskin\html\logo.gif
- %PROGRAM_FILES%\yunboplayer\uboskin\html\loading.html
- %PROGRAM_FILES%\yunboplayer\uboskin\app\loading.swf
- %PROGRAM_FILES%\yunboplayer\uboskin\html\gbook.html
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF7T7AK2\info_48[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOXZEUJX\info_48[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOXZEUJX\HttpErrorPagesScripts[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\bullet[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF7T7AK2\background_gradient[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\background_gradient[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF7T7AK2\bullet[1]
- %TEMP%\nseFE8B.tmp\System.dll
- %TEMP%\nseFE8B.tmp\NSISdl.dll
- %TEMP%\nseFE8B.tmp\bbbb
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\syntax[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOXZEUJX\errorpagestrings[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOXZEUJX\ErrorPageTemplate[1]
- <LS_APPDATA>\Microsoft\Windows\Temporary Internet Files\Content.IE5\6P5SDOMI\ErrorPageTemplate[1]
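- 'www.mo##shu.com':80 (the '#' characters in host names, addresses and URLs in this list appear to be the report's own masking of the real values, not literal characters; do not match on them verbatim)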
- 'tj.##ccms.net':80
- 'localhost':62488
- 'mu##.#anrenlou.com':80
- '12#.#25.114.144':80
- tj.##ccms.net/tongji.php?fl##################################################################################################
- www.mo##shu.com/bo/config/link.txt
- mu##.#anrenlou.com/201404.txt
- www.mo##shu.com/bo/config/ubohe.txt
- DNS ASK www.mo##shu.com
- DNS ASK tj.##ccms.net
- DNS ASK mu##.#anrenlou.com
- DNS ASK www.ba##u.com
- ClassName: 'MS_WebCheckMonitor' WindowName: '(null)'
- ClassName: 'shell_traywnd' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'