Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'BTS' = '%PROGRAM_FILES%\bts\bts.exe'
- %PROGRAM_FILES%\bts\bts.exe
- %PROGRAM_FILES%\bts\DelLog.exe
- %PROGRAM_FILES%\bts\bts.exe
- %PROGRAM_FILES%\bts\Uninstall.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\open_sd[1].htm
- %PROGRAM_FILES%\bts\Uninstall.ini
- %PROGRAM_FILES%\bts\bts.dll
- %TEMP%\$inst\4.tmp
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\5.tmp
- %PROGRAM_FILES%\bts\updateman_bts.exe
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\4.tmp
- %TEMP%\$inst\5.tmp
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- 'ye##.co.kr':80
- ye##.co.kr/php/vrs_bts1/vrs.php
- ye##.co.kr/prog/open_sd.php?se######
- DNS ASK www.ye##.co.kr
- DNS ASK ye##.co.kr
- ClassName: 'Shell_TrayWnd' WindowName: ''