Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windowns Suggestions' = '%PROGRAM_FILES%\Windows Suggestions\WinSuggestionsU.exe'
- %TEMP%\Setup_wins.exe (загружен из сети Интернет)
- %PROGRAM_FILES%\Windows Suggestions\WinSuggestions.exe begin
- %PROGRAM_FILES%\Windows Suggestions\Uninstall.ini
- %PROGRAM_FILES%\Windows Suggestions\Uninstall.exe
- %TEMP%\Setup_wins.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Setup_wins[1].exe
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- %PROGRAM_FILES%\Windows Suggestions\WinSuggestionsU.exe
- %PROGRAM_FILES%\Windows Suggestions\WinSuggestions.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- 'se####.entogether.com':80
- 'localhost':1038
- 'ie####estions.kr':80
- ie####estions.kr/app/ver.php?pi#################
- ie####estions.kr/app/MZ?
- se####.entogether.com/product/program/SearchCloud/install/Setup_wins.exe
- ie####estions.kr/app/icon.php?se#####
- ie####estions.kr/app/ver.php?pi##########
- ie####estions.kr/app/ver.php?co#######
- ie####estions.kr/app/use.php?se#####
- DNS ASK www.ie####estions.kr
- DNS ASK se####.entogether.com
- DNS ASK ie####estions.kr
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''