Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'winsvc' = '<SYSTEM32>\winchk.exe'
- '<SYSTEM32>\winchk.exe'
- Библиотека-обработчик для всех процессов: <SYSTEM32>\cssys.dll
- ClassName: 'AOL Frame25' WindowName: ''
- %ALLUSERSPROFILE%\Application Data\NetExt\%USERNAME%\actions.dat
- %ALLUSERSPROFILE%\Application Data\NetExt\%USERNAME%\win.dat
- %ALLUSERSPROFILE%\Application Data\NetExt\%USERNAME%\app.dat
- %ALLUSERSPROFILE%\Application Data\NetExt\%USERNAME%\uman.dat
- <SYSTEM32>\winchk.exe
- <SYSTEM32>\cssys.dll
- <SYSTEM32>\cssys.dll
- <SYSTEM32>\winchk.exe
- ClassName: 'AIM_IMessage' WindowName: ''
- ClassName: 'AIM_ChatWnd' WindowName: ''
- ClassName: '__oxFrame.class__' WindowName: ''
- ClassName: 'DeadAIM_TabbedIM' WindowName: ''
- ClassName: 'IMWindowClass' WindowName: ''
- ClassName: 'TskMultiChatForm.UnicodeClass' WindowName: ''
- ClassName: 'Chat View' WindowName: ''
- ClassName: 'YSearchMenuWndClass' WindowName: ''
- ClassName: 'IMClass' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MSN6 Window' WindowName: ''
- ClassName: 'SpyClass' WindowName: 'RemoteSpy'
- ClassName: '#32770' WindowName: ''
- ClassName: 'MozillaWindowClass' WindowName: ''
- ClassName: 'MDIClient' WindowName: ''
- ClassName: 'AOL Child' WindowName: ''
- ClassName: 'OUIWINDOW' WindowName: ''
- ClassName: 'Opera Main Window' WindowName: ''