Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'msdevice' = '%TEMP%\MsCommonMain.exe'
- %TEMP%\MsCommonMain.exe
- %TEMP%\MsCommonMain.exe (загружен из сети Интернет)
- <SYSTEM32>\regsvr32.exe "%TEMP%\MsWebCoreApp.dll" /s /i
- %TEMP%\MsWebCoreApp.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\MsWebCoreApp[1].pdf
- %TEMP%\MsCommonMain.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\MsCommonMain[1].pdf
- %TEMP%\lsassec.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\lsassec[1].pdf
- %TEMP%\zlib.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\zlib[1].pdf
- 'localhost':80
- 'localhost':1036
- localhost/MsWebCoreApp.pdf
- localhost/MsCommonMain.pdf
- localhost/lsassec.pdf
- localhost/zlib.pdf
- ClassName: 'Indicator' WindowName: ''