Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'FilefarmSearch' = '%PROGRAM_FILES%\FilefarmSearch\FilefarmSearch.exe'
- %PROGRAM_FILES%\FilefarmSearch\FilefarmSearch.exe
- <SYSTEM32>\regsvr32.exe /s "%PROGRAM_FILES%\FilefarmSearch\FilefarmSearch.dll"
- %PROGRAM_FILES%\FilefarmSearch\FilefarmSearch.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\Filter[1].txt
- %PROGRAM_FILES%\FilefarmSearch\Filter.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\FilefarmSearch[1].ini
- %PROGRAM_FILES%\FilefarmSearch\FilefarmSearch.dll
- %PROGRAM_FILES%\FilefarmSearch\FilefarmSearch.exe
- %PROGRAM_FILES%\FilefarmSearch\uninstall.exe
- %PROGRAM_FILES%\FilefarmSearch\FilefarmSearch.ini
- 'www.fi###arm.co.kr':80
- www.fi###arm.co.kr/toolbar/Update_/Filter.txt
- www.fi###arm.co.kr/toolbar/Update_/FilefarmSearch.ini
- www.fi###arm.co.kr/toolbar/install.php?ve##################################
- DNS ASK www.fi###arm.co.kr
- ClassName: 'Shell_TrayWnd' WindowName: ''