Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'rundll31' = '<SYSTEM32>\IEXPLORER.EXE'
- '<SYSTEM32>\IEXPLORER.EXE'
- '%PROGRAM_FILES%\weather report\Weather.exe'
- %PROGRAM_FILES%\weather report\IEXPLORER.EXE
- %PROGRAM_FILES%\weather report\Weather.exe
- %PROGRAM_FILES%\weather report\backup.exe
- %PROGRAM_FILES%\weather report\config.ini
- %PROGRAM_FILES%\weather report\IEXPLORER.EXE в <SYSTEM32>\IEXPLORER.EXE
- 'www.ip##e.net':80
- 'www.5k##.com':80
- www.ip##e.net/
- www.5k##.com//tongjikaishi.asp?un###############
- DNS ASK www.ip##e.net
- DNS ASK www.5k##.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''