Техническая информация
- Автозапуск (значение в ключе реестра Run текущего пользователя): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SystemWin' = 'rundll32 "<LS_APPDATA>\win.dll,run"'
- %TEMP%\ex.exe ex.exe
- <SYSTEM32>\rundll32.exe win.dll,run
- <LS_APPDATA>\win.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\search[1].txt
- %TEMP%\ex.exe
- %TEMP%\win.dll
- <LS_APPDATA>\win.dll
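- 'md##gc.org':80 (узел и порт; здесь и ниже часть символов в именах узлов заменена знаками «#», поэтому полные домены по этой записи восстановить нельзя)
- 'www.be####lemuria.com':80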
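- md##gc.org/website/plugins/editors/tinymce/jscripts/tiny_mce/themes/search.txt (по-видимому, этому запросу соответствует файл search[1].txt в каталоге Temporary Internet Files, указанный выше)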
- www.be####lemuria.com/Lemuria/modules/mod_search/tmpl/dir/php2/php/add.php
- DNS ASK md##gc.org
- DNS ASK www.be####lemuria.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''