Техническая информация
- Автозапуск (ключ реестра Run): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'IDOsysizxx' = '%PROGRAM_FILES%\Intel\Program\Sogoubaseizxx.exe'
- %PROGRAM_FILES%\Intel\SogouPinyinUp.exe
- %PROGRAM_FILES%\Intel\QQupbaseizxx.exe
- %WINDIR%\explorer.exe /select,%ALLUSERSPROFILE%\Start Menu\Programs\XXX\calcx.lnk
- %ALLUSERSPROFILE%\Start Menu\Programs\XXX\calcx.lnk
- %PROGRAM_FILES%\Intel\Program\Sogoubaseizxx.exe
- %PROGRAM_FILES%\Intel\QQupbaseizxx.exe
- %PROGRAM_FILES%\Intel\common\Utility.txt
- %PROGRAM_FILES%\Intel\SogouPinyinUp.exe
- %PROGRAM_FILES%\Intel\common\Utility.dll
- Сетевой адрес (хост:порт): 'ba####niu.oicp.net':7899
- DNS-запрос (DNS ASK): ba####niu.oicp.net
- ClassName: 'SHELLDLL_DefView' WindowName: ''
- ClassName: '' WindowName: '%ALLUSERSPROFILE%\Start Menu\Programs\XXX'
- ClassName: '' WindowName: ''