Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'vprotectorstart.exe' = '%PROGRAM_FILES%\vprotector\vprotectorstart.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'vprotector main' = '%PROGRAM_FILES%\vprotector\vprotectoru.exe /8L'
- '<SYSTEM32>\cmd.exe' /c ""C:\Delete.bat" "
- C:\Delete.bat
- 'localhost':1037
- DNS ASK up####.searchv.co.kr
- DNS ASK se###hv.co.kr
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'ISKIM Frameworks LogWnd2' WindowName: '???? 2.0'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'