Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'opensearchttos' = '"%APPDATA%\opensearchGT\opensearcht.exe" Runcmd'
- %APPDATA%\opensearchGT\opensearcht.exe
- %TEMP%\nsj3.tmp\version.dll
- %TEMP%\nsj3.tmp\DLLWebCount.dll
- %TEMP%\nse2.tmp
- %TEMP%\nsj3.tmp\KillProcDLL.dll
- %TEMP%\nsj3.tmp\FindProcDLL.dll
- 'ul.##icsvc.com':80
- ul.##icsvc.com/cnt/index.php?pi############
- DNS ASK ul.##icsvc.com
- ClassName: 'Indicator' WindowName: '(null)'