Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\bYYCk3ke] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\RemoteAccess] 'Start' = '00000002'
- %WINDIR%\ACC.exe
- <SYSTEM32>\svchost.exe -k HTTPFilter
- %WINDIR%\vbcfg.ini
- %WINDIR%\ipmgr.dll
- %WINDIR%\Win.ini
- %WINDIR%\ACC.exe
- %WINDIR%\Factory.dll
- %PROGRAM_FILES%\NetMeeting\maomao.dll
- %WINDIR%\vbcfg.ini
- %WINDIR%\win.ini