Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\TCPZ] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\HglSrv] 'Start' = '00000002'
- <SYSTEM32>\ipconfig.exe /flushdns
- <SYSTEM32>\ping.exe -n 5 127.0.0.1
- <SYSTEM32>\svchost.exe -k HglSrv
- <SYSTEM32>\rundll32.exe hglasvstart.dll,ServiceInstall
- <SYSTEM32>\sc.exe config HglSrv start= AUTO
- <SYSTEM32>\hglasclib.dll
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0J2LM5OP\wpad[1].dat
- %WINDIR%\DelCache.bat
- <SYSTEM32>\hglasvstart.dll
- <DRIVERS>\tcpz-x86d.sys
- <SYSTEM32>\hglasvstart.dll
- 'so##.setheo.com':80
- 'in.##jaca.com':21
- 'so##.jajaca.com':80
- 'wpad.localdomain':80
- so##.setheo.com/ip.asp
- wpad.localdomain/wpad.dat
- so##.jajaca.com/lib.zip
- DNS ASK so##.setheo.com
- DNS ASK in.##jaca.com
- DNS ASK so##.jajaca.com
- DNS ASK wpad.localdomain