Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Extensions' = '%APPDATA%\explorer_extensions.exe'
- %APPDATA%\explorer_extensions.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\checkip.dyndns[1].009985887
- %APPDATA%\explorer_extensions.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\-1[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\whatismyip[1].845332335
- %TEMP%\~ip.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\checkip.dyndns[1].2948976138
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\-1[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\whatismyip[1].536346877
- %APPDATA%\explorer_extensions.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\-1[1]
- %TEMP%\~ip.tmp
- 'www.ip###cation.com':80
- 'or#####.users.the-irc.com':4100
- 'ch####p.dyndns.org':80
- 'www.wh###smyip.com':80
- www.ip###cation.com/-1
- ch####p.dyndns.org/?rn########################################
- ch####p.dyndns.org/?rn#########################################
- www.wh###smyip.com/?rn########################################
- DNS ASK www.ip###cation.com
- DNS ASK or#####.users.the-irc.com
- DNS ASK ch####p.dyndns.org
- DNS ASK www.wh###smyip.com
- ClassName: 'Indicator' WindowName: ''