Техническая информация
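Запись автозапуска в реестре (ключ Run; указанная программа запускается при входе пользователя в систему):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'IDOsysacye' = '%PROGRAM_FILES%\Intel\Program\Sogoubaseacye.exe'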
- %PROGRAM_FILES%\Intel\SogouPinyinUp.exe
- %PROGRAM_FILES%\Intel\QQupbaseacye.exe
- %WINDIR%\explorer.exe /select,%ALLUSERSPROFILE%\Start Menu\Programs\XXX\calcx.lnk
- %PROGRAM_FILES%\Intel\QQupbaseacye.exe
- %ALLUSERSPROFILE%\Start Menu\Programs\XXX\calcx.lnk
- %PROGRAM_FILES%\Intel\Program\Sogoubaseacye.exe
- %PROGRAM_FILES%\Intel\common\Utility.txt
- %PROGRAM_FILES%\Intel\SogouPinyinUp.exe
- %PROGRAM_FILES%\Intel\common\Utility.dll
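Сетевые индикаторы (часть имени узла скрыта символами «#», поэтому при поиске в журналах DNS и прокси используйте шаблон, а не точное совпадение):
- 'ba####niu.oicp.net':7899
- DNS ASK ba####niu.oicp.net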
Параметры окон (имя класса и заголовок):
- ClassName: 'SHELLDLL_DefView' WindowName: ''
- ClassName: '' WindowName: '%ALLUSERSPROFILE%\Start Menu\Programs\XXX'
- ClassName: '' WindowName: ''