Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'IEProtector' = '%PROGRAM_FILES%\IEProtector\ieprotector.exe hide,start'
- [<HKLM>\SYSTEM\ControlSet001\Services\IEProtector] 'Start' = '00000002'
- %PROGRAM_FILES%\IEProtector\IEProtector.exe hide,init
- %TEMP%\null\Setup_10031.exe /S
- %HOMEPATH%\Start Menu\Programs\IEProtector\Р¶ФШIEКШ»¤ХЯ.lnk
- %HOMEPATH%\Desktop\МФ±¦УЕ»ЭЗшїмЛЩ№єОп.lnk
- %HOMEPATH%\Start Menu\IEКШ»¤ХЯ.lnk
- %HOMEPATH%\Start Menu\Programs\IEProtector\IEКШ»¤ХЯ.lnk
- %TEMP%\nsu3.tmp\SimpleSC.dll
- %TEMP%\nsu3.tmp\System.dll
- %PROGRAM_FILES%\IEProtector\uninstall.dat
- %PROGRAM_FILES%\IEProtector\IEProtector.exe
- %PROGRAM_FILES%\IEProtector\App.ini
- %TEMP%\null\Setup_10031.exe
- %PROGRAM_FILES%\IEProtector\IEService.exe
- %PROGRAM_FILES%\IEProtector\uninst.exe
- %PROGRAM_FILES%\IEProtector\ieprotector.ini
- %PROGRAM_FILES%\IEProtector\TaoBao.exe
- %TEMP%\null\Setup_10031.exe
- %TEMP%\nsu3.tmp\System.dll
- %TEMP%\nsu3.tmp\SimpleSC.dll
- 'tj.###uanjia.com':85
- DNS ASK tj.###uanjia.com
- '<IP-адрес в локальной сети>':1034
- ClassName: 'Shell_TrayWnd' WindowName: ''