Техническая информация
- Автозапуск при входе пользователя в систему (ключ Run): [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'hao567' = '%CommonProgramFiles%\Sougou.exe'
- Служба 'Devices Manager' с автоматическим типом запуска ('Start' = 2): [<HKLM>\SYSTEM\ControlSet001\Services\Devices Manager] 'Start' = '00000002'
- %CommonProgramFiles%\Sougou.exe
- %CommonProgramFiles%\Sougou.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\houmen[1].txt
- %CommonProgramFiles%\linshi.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ip[1].txt
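- Подключение по TCP (часть имени узла скрыта в источнике символами '#', поэтому строка не годится как точный индикатор): 'ji######ving.googlecode.com':80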
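- HTTP-запрос (ответ, по-видимому, сохраняется в кеше IE как houmen[1].txt): ji######ving.googlecode.com/files/houmen.txt
- HTTP-запрос (ответ, по-видимому, сохраняется в кеше IE как ip[1].txt): ji######ving.googlecode.com/files/ip.txt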
- DNS-запрос (DNS ASK): ji######ving.googlecode.com