Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Svsoft] 'Start' = '00000002'
- '%PROGRAM_FILES%\svsoft\softmon.exe'
- '%PROGRAM_FILES%\svsoft\svSoft.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\datb[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\damm[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\datb[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\damm[1].html
- %PROGRAM_FILES%\svsoft\svSoft.exe
- %PROGRAM_FILES%\xerox\about.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\guowai[1].htm
- %PROGRAM_FILES%\svsoft\softmon.exe
- %WINDIR%\Media\start.wav в %WINDIR%\Media\start1.wav
- 'www.ju###oft2.cn':80
- 'www.ju###oft1.cn':80
- 'www.ju##soft.cn':80
- www.ju###oft2.cn/images/damm.html
- www.ju###oft2.cn/images/datb.htm
- www.ju###oft1.cn/data/datb.htm
- www.ju##soft.cn/data/guowai.htm
- www.ju###oft1.cn/data/damm.html
- DNS ASK www.ju###oft2.cn
- DNS ASK www.ju###oft1.cn
- DNS ASK www.ju##soft.cn
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'MS_WINHELP' WindowName: '(null)'