Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Dependencies] 'Start' = '00000002'
- '<SYSTEM32>\VHRBWUO.EXE' /install /silent
- '<SYSTEM32>\net1.exe' start Dependencies
- '<SYSTEM32>\regsvr32.exe' /s "<SYSTEM32>\JXJPR.DLL"
- <SYSTEM32>\DTSTBJ.DLL
- <DRIVERS>\CZLTKI.DAT
- <SYSTEM32>\VHRBWUO.EXE
- <SYSTEM32>\NJECD.DLL
- <SYSTEM32>\FDDUXSGDWBVTUS.INI
- <SYSTEM32>\8u1mk8w7.dll
- <SYSTEM32>\wbem\IVAOYQWCONTCL.DLL
- <SYSTEM32>\JXJPR.DLL
- 'ad.##kead.com':80
- 'www.ha##23.com':80
- ad.##kead.com/start.asp?id##
- www.ha##23.com/
- DNS ASK ad.##kead.com
- DNS ASK www.ha##23.com
- ClassName: 'MS_WINHELP' WindowName: '(null)'