Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SRDSL] 'ImagePath' = '<SYSTEM32>\soqiio.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SRDSL] 'Start' = '00000002'
- '%WINDIR%\AppPatch\service.exe' (загружен из сети Интернет)
- '<SYSTEM32>\soqiio.exe'
- '%WINDIR%\AppPatch\service.exe'
- C:\Documents and Settings\LocalService\Local Settings\<INETFILES>\Content.IE5\CJCTQ25G\85283[1]
- <SYSTEM32>\soqiio.exe
- %WINDIR%\AppPatch\service.exe
- 'localhost':1039
- 'hk###25.6655.la':25158
- 'localhost':1036
- '74#####08.bj.wezhan.cn':80
- http://74#####08.bj.wezhan.cn/filedownload/85283
- DNS ASK hk###25.6655.la
- DNS ASK 74#####08.bj.wezhan.cn