Техническая информация
- %WINDIR%\Tasks\System Critical Service Detector.job (файл задания Планировщика заданий Windows)
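- [<HKLM>\SYSTEM\ControlSet001\Services\svchoster_20141203161308] 'Start' = '00000002' (значение Start = 2 означает автоматический запуск службы при загрузке системы; суффикс 20141203161308 в имени службы похож на отметку времени и, вероятно, отличается от установки к установке, поэтому при поиске надёжнее ориентироваться на префикс svchoster_)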
- '%APPDATA%\{DDA236C5-530F-440d-A99A-B16F2FE99B4B}\svchoster.exe' -presrv
- '%APPDATA%\{DDA236C5-530F-440d-A99A-B16F2FE99B4B}\svchoster.exe' -srv
- '%APPDATA%\{DDA236C5-530F-440d-A99A-B16F2FE99B4B}\svchoster.exe' -hide
- '%APPDATA%\{DDA236C5-530F-440d-A99A-B16F2FE99B4B}\svchoster.exe' -install
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T (штатный компонент WMI из состава Windows; его запуск сам по себе не является признаком заражения)
- %HOMEPATH%\Desktop\聚划算.lnk
- %HOMEPATH%\Desktop\游戏大厅.lnk
- %APPDATA%\{DDA236C5-530F-440d-A99A-B16F2FE99B4B}\static.ini
- %HOMEPATH%\Desktop\3600导航.lnk
- C:\3600导航.lnk
- C:\聚划算.lnk
- C:\游戏大厅.lnk
- %ALLUSERSPROFILE%\Documents\mainIcon\32.ico
- %APPDATA%\{DDA236C5-530F-440d-A99A-B16F2FE99B4B}\svchoster.exe
- %APPDATA%\{DDA236C5-530F-440d-A99A-B16F2FE99B4B}\explore.ico
- %APPDATA%\{DDA236C5-530F-440d-A99A-B16F2FE99B4B}\32.ico
- %APPDATA%\{DDA236C5-530F-440d-A99A-B16F2FE99B4B}\taobao.ico
- %ALLUSERSPROFILE%\Documents\mainIcon\taobao.ico
- %ALLUSERSPROFILE%\Documents\mainIcon\explore.ico
- %APPDATA%\{DDA236C5-530F-440d-A99A-B16F2FE99B4B}\UnInstall.exe
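- 'sw#.#56678.net':789 (порт 789; символы # в имени узла, по-видимому, заменяют скрытые в описании символы, поэтому запись не является точным именем домена)
- DNS ASK sw#.#56678.net (DNS-запрос для того же узла)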