Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'shandian' = '%PROGRAM_FILES%\shandian\shandian.exe'
- %HOMEPATH%\Start Menu\Programs\ЙБµздЇААЖч\ЙБµздЇААЖч.lnk
- %HOMEPATH%\Desktop\ЙБµздЇААЖч.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\ЙБµздЇААЖч.lnk
- %HOMEPATH%\Desktop\Internet Explorer.lnk
- %HOMEPATH%\Desktop\360°ІИ«дЇААЖч.lnk
- %HOMEPATH%\Start Menu\Programs\ЙБµздЇААЖч\Р¶ФШЙБµздЇААЖч.lnk
- %PROGRAM_FILES%\shandian\uninst.exe
- %TEMP%\nsh2.tmp\xID.dll
- %TEMP%\nsh2.tmp\config0.ini
- %TEMP%\nsh2.tmp\System.dll
- %PROGRAM_FILES%\shandian\config.ini
- %TEMP%\nsh2.tmp\bind.dll
- %TEMP%\nsh2.tmp\Md5dll.dll
- DNS ASK do##.#icc-md.org
- DNS ASK www.xa##er.net
- ClassName: 'Indicator' WindowName: '(null)'