Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'searchindexers.exe' = '%PROGRAM_FILES%/searchindexers.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\searchindexers.lnk
- %PROGRAM_FILES%\searchprotocolhosts.exe (загружен из сети Интернет)
- %PROGRAM_FILES%\searchfilterhosts.exe (загружен из сети Интернет)
- %PROGRAM_FILES%\searchprotocolhosts.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\ip2city[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\ip2city[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\searchfilterhosts[1].exe
- %PROGRAM_FILES%\searchfilterhosts.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\searchprotocolhosts[1].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\ip2city[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\ip2city[1].asp
- 'www.ip##8.com':80
- 'sc#.8880.in':80
- www.ip##8.com/ip2city.asp
- sc#.8880.in/down/searchprotocolhosts.exe
- sc#.8880.in/down/searchfilterhosts.exe
- DNS ASK www.ip##8.com
- DNS ASK sc#.8880.in
- ClassName: 'Indicator' WindowName: ''