Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'iebutton' = '<SYSTEM32>\iebutton.exe'
- [<HKLM>\SOFTWARE\Microsoft\Internet Explorer\Extensions\{39C98479-624B-4e1e-8865-F4FE46238123}] 'Exec' = '%PROGRAM_FILES%\iebutton\open.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'iebutton' = '%PROGRAM_FILES%\iebutton\iebutton.exe'
- <SYSTEM32>\iebutton.exe INSTALL
- %PROGRAM_FILES%\iebutton\Uninstall.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ping[1].asp
- %PROGRAM_FILES%\iebutton\moviedown.ico
- <SYSTEM32>\iebutton.exe
- %PROGRAM_FILES%\iebutton\open.exe
- 'rh#####k.tipoint.co.kr':80
- rh#####k.tipoint.co.kr/ping.asp
- DNS ASK rh#####k.tipoint.co.kr
- ClassName: 'iebutton' WindowName: ''