Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'BuynaviAuction' = '%PROGRAM_FILES%\BuynaviAuction\BuynaviControl.exe'
- %PROGRAM_FILES%\BuynaviAuction\BuynaviControl.exe
- %TEMP%\BuyNavi0118.exe
- %PROGRAM_FILES%\BuynaviAuction\msvcr80.dll
- %PROGRAM_FILES%\BuynaviAuction\Microsoft.VC80.CRT.manifest
- %PROGRAM_FILES%\BuynaviAuction\BuynaviControl.exe
- %PROGRAM_FILES%\BuynaviAuction\uninstall.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\insert[2].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\update[1].php
- %TEMP%\nsx4.tmp\DLLWebCount.dll
- %TEMP%\super.exe
- %TEMP%\tjpacqlife_in.exe
- %TEMP%\BuyNavi0118.exe
- %TEMP%\nsc3.tmp
- %PROGRAM_FILES%\BuynaviAuction\BuynaviAuction.dll
- %TEMP%\nsx4.tmp\KillProcDLL.dll
- %TEMP%\nsx4.tmp\System.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\insert[2].php
- 'bu###vi.co.kr':80
- bu###vi.co.kr/count/insert.php?pi################
- bu###vi.co.kr/auction/ismedia/update.php
- DNS ASK www.bu###vi.co.kr
- DNS ASK bu###vi.co.kr
- ClassName: 'Shell_TrayWnd' WindowName: ''