Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\lwtsvc] 'Start' = '00000002'
- %PROGRAM_FILES%\LemonWebtoon\lwtsvc.exe
- %TEMP%\Setup_LWTaz.exe /P=bund01
- %TEMP%\SetupLemonWebtoon.exe
- <SYSTEM32>\cmd.exe /c %TEMP%\nswssDelete.bat
- %PROGRAM_FILES%\LemonWebtoon\lwtupt.exe
- %PROGRAM_FILES%\LemonWebtoon\lwtsvc.exe
- %TEMP%\nswssDelete.bat
- %PROGRAM_FILES%\LemonWebtoon\LemonWebtoon.exe
- %PROGRAM_FILES%\LemonWebtoon\Uninstall.exe
- %TEMP%\nss6.tmp\nsiswss.dll
- %PROGRAM_FILES%\LemonWebtoon\LemonWebtoonC.exe
- %PROGRAM_FILES%\LemonWebtoon\LemonWebtoon.ico
- %TEMP%\nsy4.tmp\nsiswss.dll
- %TEMP%\nsy4.tmp\nsismanwd.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\bund[1].html
- %TEMP%\nst2.tmp\nsisinstlw.dll
- %TEMP%\SetupLemonWebtoon.exe
- %TEMP%\nss6.tmp\nsProcess.dll
- %TEMP%\nss6.tmp\SimpleSC.dll
- %TEMP%\Setup_LWTaz.exe
- %TEMP%\nss6.tmp\ScrollLicense.dll
- %TEMP%\nsy4.tmp\nsiswss.dll
- %TEMP%\SetupLemonWebtoon.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\bund[1].html
- %TEMP%\nsy4.tmp\nsismanwd.dll
- 'lo####.#emonwebtoon.co.kr':80
- 'www.ke###arch.co.kr':80
- lo####.#emonwebtoon.co.kr/div/bund.html
- lo####.#emonwebtoon.co.kr/logger.php
- www.ke###arch.co.kr/log/app_upt_inst_prog_log.php
- DNS ASK lo####.#emonwebtoon.co.kr
- DNS ASK www.ke###arch.co.kr