Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'adCmds' = '%PROGRAM_FILES%\adCmds\adCmds.exe'
- '%PROGRAM_FILES%\adCmds\adCmds.exe'
- %PROGRAM_FILES%\adCmds\2.0.0.1\dmplayer.dll
- %PROGRAM_FILES%\adCmds\dmconfig.cfg
- %PROGRAM_FILES%\adCmds\dmshell.dll
- %PROGRAM_FILES%\adCmds\adCmds.exe
- %PROGRAM_FILES%\adCmds\dmconfig.cfg
- 'www.si##.com.cn':80
- 'dc##.dmcast.com':80
- dc##.dmcast.com/script/login.php?ve###################################################################################################
- www.si##.com.cn/?&u###########################
- dc##.dmcast.com/script/update.asp?ve##########################################
- DNS ASK www.si##.com.cn
- DNS ASK dc##.dmcast.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'