Техническая информация
- '%WINDIR%\Temp\tmp_ad.exe'
- '%WINDIR%\system\smss.exe'
- '%PROGRAM_FILES%\tmp\Install.exe'
- '<SYSTEM32>\regsvr32.exe' /s "%CommonProgramFiles%\PushWare\cpush.dll"
- '<SYSTEM32>\cmd.exe' /c ""%PROGRAM_FILES%\tmp\run.bat" "
- '<SYSTEM32>\wscript.exe' "%PROGRAM_FILES%\tmp\run.vbs"
- %WINDIR%\Temp\tmp_ad.exe
- %WINDIR%\system\smss.exe
- <DRIVERS>\IeDrv.sys
- %CommonProgramFiles%\PushWare\cpush.dll
- %CommonProgramFiles%\PushWare\Uninst.exe
- %TEMP%\nsq2.tmp
- %PROGRAM_FILES%\tmp\Install.exe
- %PROGRAM_FILES%\tmp\run.vbs
- %PROGRAM_FILES%\tmp\run.bat
- %PROGRAM_FILES%\Haomake\res.dat
- %PROGRAM_FILES%\Haomake\mever.ini
- %PROGRAM_FILES%\Haomake\install.dat
- <DRIVERS>\IeDrv.sys
- 'po#.#o118.cn':8010
- 'ad.#o118.cn':8080
- DNS ASK po#.#o118.cn
- DNS ASK ad.#o118.cn
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'