Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Security' = '%APPDATA%\iepxloler.exe'
- %APPDATA%\iepxloler.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\Mswinsck[1].ocx
- %APPDATA%\Mswinsck.ocx
- %APPDATA%\iepxloler.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\MSINET[1].OCX
- %APPDATA%\MSINET.OCX
- 'go#####elsin.no-ip.org':1337
- 'an###ansur.net':80
- 'localhost':1036
- an###ansur.net/Mswinsck.ocx
- an###ansur.net/MSINET.OCX
- DNS ASK go#####elsin.no-ip.org
- DNS ASK an###ansur.net
- ClassName: 'Indicator' WindowName: ''