Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'nomInstall.exe' = '%PROGRAM_FILES%\nomtv\nomInstall.exe'
- %PROGRAM_FILES%\nomtv\NomAdder.exe
- %PROGRAM_FILES%\nomtv\NomAdder.exe (загружен из сети Интернет)
- <SYSTEM32>\cmd.exe /c C:\$$$$$.bat
- %HOMEPATH%\Desktop\??TV.lnk
- %PROGRAM_FILES%\nomtv\nomRemover.exe
- C:\$$$$$.bat
- %PROGRAM_FILES%\nomtv\NomAdder.exe
- %PROGRAM_FILES%\nomtv\nomtv.cfg
- %PROGRAM_FILES%\nomtv\nomtv.dll
- %WINDIR%\nominstall.exe
- %PROGRAM_FILES%\nomtv\NomTv.exe
- %WINDIR%\nominstall.exe в %PROGRAM_FILES%\nomtv\nominstall.exe
- 'no##v.co.kr':80
- no##v.co.kr/newpgm/nomInstall.exe
- no##v.co.kr/newpgm/nomRemover.exe
- no##v.co.kr/newpgm/NomAdder.exe
- no##v.co.kr/ctrl/loading_cnt.php?ma###################
- no##v.co.kr/newpgm/nomversion
- no##v.co.kr/newpgm/NomTv.exe
- DNS ASK dw.##mtv.co.kr
- DNS ASK no##v.co.kr
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: '' WindowName: 'NomTv'