Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'iPushIEAD_' = '<Текущая директория>\soohost.exe'
- '<Текущая директория>\soohost.exe'
- '%WINDIR%\regedit.exe' /s id.reg
- '<SYSTEM32>\regsvr32.exe' /s "C:/Program Files/Internet Explorer/LPBho.dll"
- %WINDIR%\iPushAD.ini
- %WINDIR%\iPushGameUrl.xml
- %PROGRAM_FILES%\Internet Explorer\LPBho.dll
- <Текущая директория>\soohost.exe
- 'www.ic##u.cn':80
- www.ic##u.cn/game.xml
- DNS ASK www.ic##u.cn
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'