Техническая информация
- [<HKLM>\SOFTWARE\Classes\SDO\shell\open\command] '' = 'iexplore sdo.sdo.com'
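- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%TEMP%\RarSFX0\P2SP_bnb_040_0709.exe' = '%TEMP%\RarSFX0\P2SP_bnb_040_0709.exe:*:Enabled:盛大下载器' (запись добавляет этот исполняемый файл из временного каталога в список разрешённых приложений брандмауэра Windows для стандартного профиля; разрешение действует для любых адресов — «*»)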
- '%TEMP%\RarSFX0\P2SP_bnb_040_0709.exe'
- '%TEMP%\RarSFX0\Setup.EXE'
- %TEMP%\RarSFX0\Setup.ico
- %TEMP%\RarSFX0\Setup.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\banner[1].htm
- %TEMP%\RarSFX0\Setup.EXE
- %TEMP%\RarSFX0\gTemp.dat
- %TEMP%\RarSFX0\jTemp.dat
- %TEMP%\RarSFX0\rarinfo.txt
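- %TEMP%\RarSFX0\gTemp.dat в %TEMP%\RarSFX0\P2SP_bnb_040_0709.exe (судя по записи, файл gTemp.dat перемещается или переименовывается в исполняемый файл, то есть запускаемый P2SP_bnb_040_0709.exe получается из файла с расширением .dat)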
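- 'pl##.sdo.com':80 (символы # здесь и в сетевых адресах ниже, по-видимому, заменяют скрытые знаки; такие значения нельзя использовать как точные индикаторы без уточнения по первичному отчёту)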
- 'localhost':1037
- pl##.sdo.com/bnb/20070702/banner.htm
- DNS ASK pl##.sdo.com
- '21#.#1.29.95':80
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'GINA Logon'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'