Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'load' = '%WINDIR%\Slimit\start.exe'
- %TEMP%\_ir_sf_temp_0\irsetup.exe
- %LOCALAPPDATA%\ub\application\28.2.18.19\qt5xml.dll
- %TEMP%\ub\update\application\28.2.18.19\qt5sql.dll_z
- %TEMP%\ub\update\application\28.2.18.19\qt5sql.dll
- %LOCALAPPDATA%\ub\application\28.2.18.19\qt5sql.dll
- %TEMP%\ub\update\application\28.2.18.19\qt5network.dll_z
- %TEMP%\ub\update\application\28.2.18.19\qt5network.dll
- %LOCALAPPDATA%\ub\application\28.2.18.19\qt5network.dll
- %TEMP%\ub\update\application\28.2.18.19\qt5core.dll_z
- %TEMP%\ub\update\application\28.2.18.19\qt5core.dll
- %LOCALAPPDATA%\ub\application\28.2.18.19\qt5core.dll
- %TEMP%\ub\update\application\28.2.18.19\libwinpthread-1.dll
- %LOCALAPPDATA%\ub\application\28.2.18.19\libwinpthread-1.dll
- %TEMP%\ub\update\application\28.2.18.19\libstdc++-6.dll_z
- %LOCALAPPDATA%\ub\application\28.2.18.19\libstdc++-6.dll
- %TEMP%\ub\update\application\28.2.18.19\icudt54.dll
- %TEMP%\ub\update\application\28.2.18.19\libgcc_s_dw2-1.dll_z
- %TEMP%\ub\update\application\28.2.18.19\libgcc_s_dw2-1.dll
- %LOCALAPPDATA%\ub\application\28.2.18.19\libgcc_s_dw2-1.dll
- %TEMP%\ub\update\application\28.2.18.19\libeay32.dll_z
- %TEMP%\ub\update\application\28.2.18.19\libeay32.dll
- %LOCALAPPDATA%\ub\application\28.2.18.19\libeay32.dll
- %TEMP%\ub\update\application\28.2.18.19\icuuc54.dll_z
- %TEMP%\ub\update\application\28.2.18.19\icuuc54.dll
- %LOCALAPPDATA%\ub\application\28.2.18.19\icuuc54.dll
- %TEMP%\ub\update\application\28.2.18.19\icuin54.dll_z
- %TEMP%\ub\update\application\28.2.18.19\icuin54.dll
- %LOCALAPPDATA%\ub\application\28.2.18.19\icuin54.dll
- %TEMP%\ub\update\application\28.2.18.19\icudt54.dll_z
- %TEMP%\ub\update\application\28.2.18.19\qt5xml.dll
- %TEMP%\ub\update\application\28.2.18.19\libstdc++-6.dll
- %TEMP%\ub\update\application\28.2.18.19\qt5xml.dll_z
- %WINDIR%\slimit\teniodl_core.dll
- %TEMP%\_ir_sf_temp_0\lua5.1.dll
- %TEMP%\_ir_sf_temp_0\irsetup.dat
- %TEMP%\_ir_sf_temp_0\irimg1.jpg
- %TEMP%\_ir_sf_temp_0\irimg2.jpg
- %TEMP%\_ir_sf_temp_0\irimg3.jpg
- %APPDATA%\config.dat
- %APPDATA%\inst.exe
- %APPDATA%\io.dat
- %APPDATA%\teniodl_core.dll
- %APPDATA%\ub-launcher.exe
- %WINDIR%\slimit\load.exe
- %WINDIR%\slimit\dllhost.exe
- %WINDIR%\slimit\config.dat
- %WINDIR%\slimit\start.exe
- %TEMP%\ub\update\application\28.2.18.19\qtcssh.dll
- %WINDIR%\slimit\setup.ini
- %APPDATA%\limit\crossfire.exe
- %LOCALAPPDATA%\ub\tmp\0350e3c6bcd066b327b7849a1268230a
- %LOCALAPPDATA%\ub\update\files.list
- %LOCALAPPDATA%\ub\tmp\53d8658b682430aeea1103e434055779
- %LOCALAPPDATA%\ub\update\ub.exe
- %TEMP%\ub\update\application\28.2.18.19\ssleay32.dll_z
- %TEMP%\ub\update\application\28.2.18.19\ssleay32.dll
- %LOCALAPPDATA%\ub\application\28.2.18.19\ssleay32.dll
- %TEMP%\ub\update\application\28.2.18.19\sqldrivers\qsqlite.dll_z
- %TEMP%\ub\update\application\28.2.18.19\sqldrivers\qsqlite.dll
- %LOCALAPPDATA%\ub\application\28.2.18.19\sqldrivers\qsqlite.dll
- %TEMP%\ub\update\application\28.2.18.19\qtcssh.dll_z
- %LOCALAPPDATA%\ub\application\28.2.18.19\qtcssh.dll
- %LOCALAPPDATA%\ub\application\28.2.18.19\icudt54.dll
- %TEMP%\_ir_sf_temp_0\irsetup.dat
- %TEMP%\ub\update\application\28.2.18.19\icuin54.dll
- %TEMP%\ub\update\application\28.2.18.19\icuin54.dll_z
- %TEMP%\ub\update\application\28.2.18.19\icuuc54.dll
- %TEMP%\ub\update\application\28.2.18.19\icuuc54.dll_z
- %TEMP%\ub\update\application\28.2.18.19\libeay32.dll
- %TEMP%\ub\update\application\28.2.18.19\libeay32.dll_z
- %TEMP%\ub\update\application\28.2.18.19\libgcc_s_dw2-1.dll
- %TEMP%\ub\update\application\28.2.18.19\libgcc_s_dw2-1.dll_z
- %TEMP%\ub\update\application\28.2.18.19\libstdc++-6.dll
- %TEMP%\ub\update\application\28.2.18.19\libstdc++-6.dll_z
- %TEMP%\ub\update\application\28.2.18.19\libwinpthread-1.dll
- %TEMP%\ub\update\application\28.2.18.19\qt5core.dll
- %TEMP%\ub\update\application\28.2.18.19\qt5core.dll_z
- %TEMP%\ub\update\application\28.2.18.19\qt5network.dll
- %TEMP%\ub\update\application\28.2.18.19\icudt54.dll_z
- %TEMP%\ub\update\application\28.2.18.19\qt5network.dll_z
- %TEMP%\ub\update\application\28.2.18.19\qt5sql.dll_z
- %TEMP%\ub\update\application\28.2.18.19\qt5xml.dll
- %TEMP%\ub\update\application\28.2.18.19\qt5xml.dll_z
- %TEMP%\ub\update\application\28.2.18.19\qtcssh.dll
- %TEMP%\ub\update\application\28.2.18.19\qtcssh.dll_z
- %TEMP%\ub\update\application\28.2.18.19\sqldrivers\qsqlite.dll
- %TEMP%\ub\update\application\28.2.18.19\sqldrivers\qsqlite.dll_z
- %TEMP%\ub\update\application\28.2.18.19\ssleay32.dll
- %TEMP%\ub\update\application\28.2.18.19\ssleay32.dll_z
- %TEMP%\_ir_sf_temp_0\lua5.1.dll
- %TEMP%\_ir_sf_temp_0\irsetup.exe
- %TEMP%\_ir_sf_temp_0\irimg3.jpg
- %TEMP%\_ir_sf_temp_0\irimg2.jpg
- %TEMP%\_ir_sf_temp_0\irimg1.jpg
- %TEMP%\ub\update\application\28.2.18.19\qt5sql.dll
- %TEMP%\ub\update\application\28.2.18.19\icudt54.dll
- from %LOCALAPPDATA%\ub\update\ub.exe to %LOCALAPPDATA%\ub\bin\ub.exe
- http://pb##.ac101.net/ub/cur/files.list
- http://pb##.ac101.net/ub/cur/UB.exe_z
- DNS ASK bo##.#jbaishun.com
- DNS ASK pb##.ac101.net
- DNS ASK ub.##0371.com
- ClassName: 'MS_WINHELP' WindowName: ''
- '%TEMP%\_ir_sf_temp_0\irsetup.exe' __IRAOFF:1738090 "__IRAFN:<Full path to file>" "__IRCT:0" "__IRTSS:0" "__IRSID:S-1-5-21-1960123792-2022915161-3775307078-1001"
- '%APPDATA%\inst.exe'
- '%APPDATA%\ub-launcher.exe'
- '%WINDIR%\slimit\dllhost.exe'
- '%APPDATA%\limit\crossfire.exe'
- '%LOCALAPPDATA%\ub\bin\ub.exe' --launcher-path %APPDATA%\UB-Launcher.exe --launcher-version 1.2.6.0
- '%WINDIR%\slimit\dllhost.exe' ' (with hidden window)