Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'rundll32' = '<SYSTEM32>\IEXPLORER.EXE'
- <SYSTEM32>\IEXPLORER.EXE
- %PROGRAM_FILES%\weather report\Weather.exe
- %PROGRAM_FILES%\weather report\Weather.exe
- %PROGRAM_FILES%\weather report\IEXPLORER.exe
- %PROGRAM_FILES%\weather report\config.ini
- %PROGRAM_FILES%\weather report\IEXPLORER.exe to <SYSTEM32>\IEXPLORER.EXE
- 'www.5k##.com':80
- www.5k##.com//woyaotongji.asp?un###############
- DNS ASK ip.##sa.com.cn
- DNS ASK www.ip##e.net
- DNS ASK www.5k##.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''