Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\akausvc] 'Start' = '00000002' (значение 2 — служба запускается автоматически при загрузке системы)
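- '<SYSTEM32>\svchost.exe' -k quacer (группа служб «quacer», по-видимому, не относится к стандартным; список зарегистрированных групп находится в HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost)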
- '%WINDIR%\explorer.exe' /e,<SYSTEM32>\2052\8284\
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\2052\athfmexofea.dll (ключ /s — регистрация библиотеки без вывода диалоговых окон)
- '<SYSTEM32>\cacls.exe' "<SYSTEM32>\2052" /t /e /g everyone:f (рекурсивно добавляет в ACL каталога полный доступ для группы Everyone)
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\chSearch.ocx
- <SYSTEM32>\2052\athfmexofea.dll
- %WINDIR%\0a157fec00.dat
- <SYSTEM32>\chSearch.ocx
- <SYSTEM32>\2052\8284\svchost.exe (имя совпадает с системным svchost.exe, но файл расположен в подкаталоге, а не в самом <SYSTEM32>)
- <SYSTEM32>\d044523400.dat
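- 'co###.118go.com.cn':80 (символы # здесь и в записях ниже, по-видимому, скрывают часть имени, поэтому для точного сопоставления эти индикаторы неполны)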
- co###.118go.com.cn/plugs/Count.asp?ac#####################################################################################################################
- DNS ASK co###.118go.com.cn
- DNS ASK ud#.##128.com.cn
- 'ud#.##128.com.cn':31801
- ClassName: 'ComboBox' WindowName: '(null)'
- ClassName: 'ToolbarWindow32' WindowName: '(null)'
- ClassName: 'Edit' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'GINA Logon'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: 'WorkerW' WindowName: '(null)'
- ClassName: 'ComboBoxEx32' WindowName: '(null)'
- ClassName: 'ReBarWindow32' WindowName: '(null)'