Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MAutoPatch' = '%PROGRAM_FILES%\Maestro AutoPatch\MMAC_Ag.exe'
- '<SYSTEM32>\gcrawl.exe' -gsstrt
- '%PROGRAM_FILES%\Maestro AutoPatch\MMAC_Ag.exe'
- <SYSTEM32>\msgci.dat
- <SYSTEM32>\gcrawl.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\clt_b[1].asp
- %PROGRAM_FILES%\Maestro AutoPatch\tVer.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tVer[1].ini
- <SYSTEM32>\mcgp.exe
- %PROGRAM_FILES%\Maestro AutoPatch\list
- %PROGRAM_FILES%\Maestro AutoPatch\MMAC.exe
- %TEMP%\nsw2.tmp\KillProcDLL.dll
- %PROGRAM_FILES%\Maestro AutoPatch\MCGI.exe
- %PROGRAM_FILES%\Maestro AutoPatch\nVer.ini
- %PROGRAM_FILES%\Maestro AutoPatch\MMAC_Ag.exe
- %TEMP%\nsw2.tmp\KillProcDLL.dll
- 'kr.##ol.ntp.org':123
- 'ti##.#indows.com':123
- 'localhost':1036
- 'www.mu####lick.co.kr':80
- www.mu####lick.co.kr/include/clt_b.asp?cl##########
- www.mu####lick.co.kr/AutoUpdatebiplus/tVer.ini
- DNS ASK ti##.#indows.com
- DNS ASK kr.##ol.ntp.org
- DNS ASK www.mu####lick.co.kr
- 'localhost':1041
- 'localhost':1040
- '25#.#55.255.255':15875
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'