Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'BaroSearch' = '%PROGRAM_FILES%\BaroSearch\barosearchs.exe'
- %PROGRAM_FILES%\BaroSearch\barosearch.exe /install
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\bacon2_A78204179[1].xml
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\AppLog[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\bacon2_update_A78204179[1].xml
- %PROGRAM_FILES%\BaroSearch\barosearchs.exe
- %PROGRAM_FILES%\BaroSearch\barosearch.exe
- %WINDIR%\barosearchuninstall.exe
- 'lo#.###osearch.co.kr':80
- 'do######.barosearch.co.kr':80
- 'localhost':1035
- do######.barosearch.co.kr/bacon2/_autofile/_xml/bacon2_update_A78204179.xml
- lo#.###osearch.co.kr/bacon2/AppLog.php?u=########################################################
- do######.barosearch.co.kr/bacon2/_autofile/_xml/bacon2_A78204179.xml
- DNS ASK lo#.###osearch.co.kr
- DNS ASK do######.barosearch.co.kr
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''