Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'lrnwcid.dll' = '<SYSTEM32>\rundll32.exe <SYSTEM32>\lrnwcid.dll,yyuteyc'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\lrnwcid.dll,yyuteyc
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\QgaHo26bYGCOMPIDHERE[1]
- <SYSTEM32>\kpagyoe.dll
- <SYSTEM32>\lrnwcid.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\QgaHo26bYGCOMPIDHERE[1]
- '88.#08.8.8':80
- 'localhost':1036
- 88.#08.8.8/SF/QgaHo26bYGCOMPIDHERE