Техническая информация
- '%PROGRAM_FILES%\OverHelp\ovtemp.exe' S
- '%PROGRAM_FILES%\OverHelp\ovtemp.exe' (загружен из сети Интернет)
- %PROGRAM_FILES%\OverHelp\overadver.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\overadver[1].exe
- %PROGRAM_FILES%\OverHelp\ovtemp.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ovtemp[1].exe
- <SYSTEM32>\vb6ko.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\vb6ko[1].dll
- <SYSTEM32>\msinet.ocx
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\msinet[1].ocx
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\overadver[1].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ovtemp[1].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\vb6ko[1].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\msinet[1].ocx
- 'eb###site.co.kr':80
- 'localhost':1035
- eb###site.co.kr/update/install/overadver.exe
- eb###site.co.kr/update/install/ovtemp.exe
- eb###site.co.kr/update/install/vb6ko.dll
- eb###site.co.kr/update/install/msinet.ocx
- DNS ASK eb###site.co.kr
- ClassName: 'MS_WINHELP' WindowName: ''