Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'noedplus' = ''
- <SYSTEM32>\msvbvm60.dll
- <SYSTEM32>\noedplus.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\install[1].htm
- %TEMP%\rad6D38F.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\noedplus_m[1].htm
- <SYSTEM32>\noedplus.exe
- <SYSTEM32>\MSINET.OCX
- <SYSTEM32>\VB6KO.DLL
- %TEMP%\~DFCF4F.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\install[1].htm
- 'up####.solyak.co.kr':80
- 'ad###.is-admin.com':80
- 'localhost':1036
- DNS ASK up####.solyak.co.kr
- DNS ASK ad###.is-admin.com