Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ViScanPro' = '"%TEMP%\7zS1.tmp\ViScan.exe" -h'
- '%TEMP%\7zS1.tmp\ViScanUpdate.exe' update.spy-dr.co.kr
- '%TEMP%\7zS1.tmp\ViScan.exe'
- %TEMP%\7zS1.tmp\Config.ini
- %TEMP%\7zS1.tmp\Version.ini
- %TEMP%\7zS1.tmp\ViScanVI.dll
- %TEMP%\7zS1.tmp\viscan(verchk)_02.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\viscan(verchk)_02[1].txt
- %TEMP%\7zS1.tmp\ViScanS.dll
- %TEMP%\7zS1.tmp\ViScanH.db
- %TEMP%\7zS1.tmp\pcode.ini
- %TEMP%\7zS1.tmp\UpdateList.html
- %TEMP%\7zS1.tmp\ViScanH.dll
- %TEMP%\7zS1.tmp\ViScanUpdate.exe
- %TEMP%\7zS1.tmp\ViScan.exe
- %TEMP%\7zS1.tmp\ViScanH.db
- %TEMP%\7zS1.tmp\ViScan.exe
- %TEMP%\7zS1.tmp\viscan(verchk)_02.txt
- %TEMP%\7zS1.tmp\ViScanUpdate.exe
- %TEMP%\7zS1.tmp\ViScanS.dll
- %TEMP%\7zS1.tmp\ViScanH.dll
- %TEMP%\~DFC61E.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\viscan(verchk)_02[1].txt
- %TEMP%\7zS1.tmp\pcode.ini
- %TEMP%\7zS1.tmp\Version.ini
- %TEMP%\7zS1.tmp\UpdateList.html
- %TEMP%\7zS1.tmp\Config.ini
- 'up####.spy-dr.co.kr':80
- 'www.js##de.com':80
- up####.spy-dr.co.kr/viscan/viscan/update/viscan(verchk)_02.txt
- www.js##de.com/viscan/insert.asp?pi########
- DNS ASK up####.spy-dr.co.kr
- DNS ASK www.js##de.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'ViScan (Build Name : ViScan)' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''