Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SRankingPopViewupdate' = '%PROGRAM_FILES%\SRankingPopView\srankingdc.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SRankingPopView' = '"%PROGRAM_FILES%\SRankingPopView\srankingp.exe" Runcmd'
- '%PROGRAM_FILES%\SRankingPopView\srankingp.exe' Runcmd
- %TEMP%\nsq3.tmp\UnProtectMode.dll
- %PROGRAM_FILES%\SRankingPopView\sranking.dll
- %TEMP%\nsq3.tmp\DLLWebCount.dll
- %PROGRAM_FILES%\SRankingPopView\uninstall.exe
- %PROGRAM_FILES%\SRankingPopView\srankingp.exe
- %TEMP%\nsq3.tmp\IEKill.dll
- %TEMP%\nsl2.tmp
- %PROGRAM_FILES%\SRankingPopView\srankingdc.exe
- %TEMP%\nsq3.tmp\KillProcDLL.dll
- 'sr###ing.co.kr':80
- sr###ing.co.kr/_sadmin/cnt/index.php?pi####################
- sr###ing.co.kr/ranking/sranking06/set.php
- sr###ing.co.kr/_sadmin/cnt/index.php?pi###################
- sr###ing.co.kr/ranking/sranking06/sr.php
- DNS ASK sr###ing.co.kr
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'IEFrame' WindowName: '(null)'