Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '0sk' = 'c:\\WINDOWS\\system32\\0sk.exe'
- '<SYSTEM32>\0sk.exe'
- '<SYSTEM32>\regsvr32.exe' MSWINSCK.OCX /S
- <SYSTEM32>\0sk.exe
- <SYSTEM32>\MSWINSCK.OCX
- 'www.fa###n163.com':80
- www.fa###n163.com/fwq/pidx.asp?ri######
- www.fa###n163.com/fwq/2.asp?ri##############################
- DNS ASK www.fa###n163.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'