Техническая информация
- '%PROGRAM_FILES%\Haomake\svchost.exe'
- '<SYSTEM32>\TXPlatform.exe'
- '%PROGRAM_FILES%\Haomake\Install.exe'
- '%PROGRAM_FILES%\Haomake\Update.exe'
- '<SYSTEM32>\regsvr32.exe' /s "%PROGRAM_FILES%\haomake\soft.dll"
- '<SYSTEM32>\regsvr32.exe' /s "%PROGRAM_FILES%\Haomake\VClass.dll"
- <SYSTEM32>\TXPlatform.exe
- %PROGRAM_FILES%\WinPOP\WinPOP_Error_Log.txt
- %PROGRAM_FILES%\Haomake\soft.dll
- %TEMP%\E_4\krnln.fnr
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ad[1].php
- %TEMP%\E_4\com.run
- %TEMP%\E_4\internet.fne
- %PROGRAM_FILES%\Haomake\Update.exe
- %PROGRAM_FILES%\Haomake\Install.exe
- %PROGRAM_FILES%\Haomake\config.ini
- %PROGRAM_FILES%\Haomake\VClass.dll
- %PROGRAM_FILES%\Haomake\soft.dat
- %PROGRAM_FILES%\Haomake\update.ini
- %PROGRAM_FILES%\Haomake\svchost.exe
- 'po#.#zmax.com':80
- 'ad.#o118.cn':80
- 'www.so##8.cn':80
- ad.#o118.cn/ad.php?ci########
- ad.#o118.cn/cpush.php?ci########
- www.so##8.cn/update/update.txt
- DNS ASK po#.#zmax.com
- DNS ASK ad.#o118.cn
- DNS ASK www.so##8.cn
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'