Техническая информация
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{99410CDE-6F16-42ce-9D49-3807F78F0287}\DownloadInformation] 'CODEBASE' = 'http://www.180searchassistant.com/180saax...
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'sac' = '%ProgramFiles(x86)%\180searchassistant\sac.exe'
- %TEMP%\180saax.cab
- %TEMP%\clientax.inf
- %TEMP%\clientax.dll
- %WINDIR%\downloaded program files\180saax.cab
- %WINDIR%\downloaded program files\clientax.inf
- %WINDIR%\downloaded program files\clientax.dll
- %TEMP%\resd097.tmp
- %WINDIR%\downloaded program files\rcxd0a8.tmp
- %ProgramFiles(x86)%\180searchassistant\sac.exe
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\180search assistant\180search assistant.com.url
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\180search assistant\uninstall 180search assistant instructions.lnk
- %WINDIR%\downloaded program files\180saax.cab
- %TEMP%\clientax.dll
- %TEMP%\clientax.inf
- %TEMP%\180saax.cab
- %WINDIR%\downloaded program files\rcxd0a8.tmp в %WINDIR%\downloaded program files\clientax.dll
- DNS ASK ct#.###solutions.com
- DNS ASK bi#.###solutions.com
- DNS ASK co####.180solutions.com
- ClassName: '#32770' WindowName: '180search Assistant'
- ClassName: 'nTApp' WindowName: 'nTApp'
- ClassName: 'msbb' WindowName: 'msbb'
- '%ProgramFiles(x86)%\180searchassistant\sac.exe' /did=000997 /DID=000997