Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'clover_u' = '%PROGRAM_FILES%\KoreaMessenger CP\clover_updater.exe'
- %PROGRAM_FILES%\KoreaMessenger CP\clover_updater.exe
- %WINDIR%\CloverUninstall.exe
- %WINDIR%\CloverPlus.cot
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\log_progress[1].php
- %PROGRAM_FILES%\KoreaMessenger CP\clover_updater.zip
- %WINDIR%\cloveruninstall.zip
- %PROGRAM_FILES%\KoreaMessenger CP\c_updater.exe
- %WINDIR%\cloveruninstall.zip
- %PROGRAM_FILES%\KoreaMessenger CP\clover_updater.zip
- %WINDIR%\CloverUninstall.exe в %WINDIR%\koreamessenger_uninstall.exe
- %PROGRAM_FILES%\KoreaMessenger CP\c_updater.exe в %PROGRAM_FILES%\KoreaMessenger CP\clover_updater.exe
- 'm.####ngicon.net':80
- 'www.da##.net':80
- 'c.####ngicon.net':80
- m.####ngicon.net/files.php?cl###################
- www.da##.net/
- c.####ngicon.net/log_progress.php?cl###########################################
- DNS ASK m.####ngicon.net
- DNS ASK www.da##.net
- DNS ASK c.####ngicon.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''