Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ssst] 'Start' = '00000002'
- %TEMP%\AIS_1145_0.EXE
- <SYSTEM32>\rundll32.exe %CommonProgramFiles%\nnno\xxxy.dll,Service -s
- <SYSTEM32>\rundll32.exe
- %CommonProgramFiles%\nnno\rrrs.ini
- <SYSTEM32>\uuuv.uni
- %CommonProgramFiles%\nnno\fffg.dll
- %CommonProgramFiles%\nnno\kkkl\kkkl.ini
- %CommonProgramFiles%\nnno\qqqr\qqqr.ini
- %CommonProgramFiles%\nnno\iiij\iiij.ini
- %CommonProgramFiles%\nnno\xxxy.dll
- %CommonProgramFiles%\nnno\mmmn.ini
- %TEMP%\insshell.exe
- %CommonProgramFiles%\nnno\cccd.dll
- %CommonProgramFiles%\nnno\aaab.dll
- %CommonProgramFiles%\nnno\iiij.ini
- %TEMP%\AIS_1145_0.EXE
- C:\~de2.tmp
- 'up####.borlander.cn':80
- 'ac####.borlander.com.cn':80
- up####.borlander.cn/updadini/updadini.ini
- up####.borlander.cn/updstd3/updstdix.ini
- ac####.borlander.com.cn/active?t=###########################################
- up####.borlander.cn/updstd3/updstdii.ini
- DNS ASK up####.borlander.cn
- DNS ASK ac####.borlander.com.cn
- ClassName: '_stdup_cha_wnd_' WindowName: '_stdup_cha_wnd_'