Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Searchline_nc' = '"%PROGRAM_FILES%\Searchline_nc\searchlineu_nc.exe" Runcmd'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Searchline_ncupdate' = '%PROGRAM_FILES%\Searchline_nc\searchlinedc.exe'
- '%PROGRAM_FILES%\Searchline_nc\searchlineu_nc.exe' Runcmd
- '<SYSTEM32>\sc.exe' query npf
- '<SYSTEM32>\cmd.exe' /c \DelUS.bat
- %TEMP%\nsz3.tmp\version.dll
- %PROGRAM_FILES%\Searchline_nc\searchlinedc.exe
- %PROGRAM_FILES%\Searchline_nc\uninstall.exe
- C:\DelUS.bat
- %TEMP%\nsz3.tmp\SelfDelete.dll
- %TEMP%\nsz3.tmp\FindProcDLL.dll
- %TEMP%\nse2.tmp
- %TEMP%\nsz3.tmp\DataCheck.dll
- %PROGRAM_FILES%\Searchline_nc\searchlineu_nc.exe
- %PROGRAM_FILES%\Searchline_nc\searchline_nc.dll
- %TEMP%\nsz3.tmp\SelfDelete.dll
- %TEMP%\nsz3.tmp\version.dll
- %TEMP%\nsz3.tmp\DataCheck.dll
- %TEMP%\nsz3.tmp\FindProcDLL.dll
- 'se####-lines.co.kr':80
- se####-lines.co.kr/check/sline_green/update/searchline.php
- se####-lines.co.kr/pt_system/cnt/index_pre.php?pi####################
- DNS ASK se####-lines.co.kr
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: '(null)'