Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'cashmall' = '%PROGRAM_FILES%\cashmall\cashmall.exe'
- %PROGRAM_FILES%\cashmall\cashmall.exe
- %PROGRAM_FILES%\cashmall\cashmallrw.dat
- %PROGRAM_FILES%\cashmall\cashmallrw.dll
- %PROGRAM_FILES%\cashmall\cashmallov.dat
- %TEMP%\nsy3.tmp\AccessControl.dll
- %TEMP%\nsy3.tmp\nsUtil.dll
- %PROGRAM_FILES%\cashmall\uninst.exe
- %PROGRAM_FILES%\cashmall\cashmall.exe
- %TEMP%\nsy3.tmp\nsBase64.dll
- %TEMP%\nsj2.tmp
- %PROGRAM_FILES%\cashmall\cashmallsb.dll
- %PROGRAM_FILES%\cashmall\cashmallov.exe
- %PROGRAM_FILES%\cashmall\cashmallup.exe
- %TEMP%\nsy3.tmp\nsUtil.dll
- %TEMP%\nsy3.tmp\nsBase64.dll
- %TEMP%\nsy3.tmp\AccessControl.dll
- 'www.ca###mall.co.kr':80
- '21#.#3.123.40':80
- www.ca###mall.co.kr/update/default.htm
- 21#.#3.123.40/cashmall/install.php?pa###################################
- DNS ASK www.ca###mall.co.kr
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''