Техническая информация
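- Закрепление в системе — значения в ключах автозапуска Run (указанный файл запускается при входе пользователя в систему):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'IFavorPop' = '%APPDATA%\IFavorPop\IFavorU.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'IFavorPop' = '%APPDATA%\IFavorPop\IFavorU.exe'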
- '%APPDATA%\IFavorPop\IFavorU.exe'
- %TEMP%\nsv3.tmp\PPtMode.dll
- %APPDATA%\IFavorPop\uninstall.exe
- %APPDATA%\IFavorPop\msvcr100.dll
- %TEMP%\nsv3.tmp\Math.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\update[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\counter_insert[2].php
- %TEMP%\nsv3.tmp\DLLWebCount.dll
- %APPDATA%\IFavorPop\msvcp100.dll
- %TEMP%\nsv3.tmp\Dialer.dll
- %TEMP%\nsv3.tmp\System.dll
- %TEMP%\nsq2.tmp
- %TEMP%\nsv3.tmp\IEKill.dll
- %APPDATA%\IFavorPop\IFavorU.exe
- %APPDATA%\IFavorPop\IFavorPop.dll
- %TEMP%\nsv3.tmp\KillProcDLL.dll
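- Сетевая активность (символы «#» в имени узла и в параметрах запроса, по-видимому, скрыты в исходном отчёте):
- 'fa###shop.kr':80
- fa###shop.kr/app/ss01/update.php
- fa###shop.kr/count/counter_insert.php?pi#############
- DNS-запрос (DNS ASK): fa###shop.kr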
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'IEFrame' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'