Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = '<SYSTEM32>\naver.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\naver windos a] 'Start' = '00000002'
- '<SYSTEM32>\naver.exe'
- '<SYSTEM32>\taskkill.exe' /f /t /im 2.exe
- '<SYSTEM32>\taskkill.exe' /f /t /im 3.exe
- '<SYSTEM32>\taskkill.exe' /f /t /im 1.exe
- '<SYSTEM32>\taskkill.exe' /f /t /im WinHelp32.exe
- '<SYSTEM32>\taskkill.exe' /f /t /im server.exe
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\windos7[1].exe
- %WINDIR%\Temp\249125.exe
- <SYSTEM32>\naver.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\count[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\count[1].asp
- 'kr.##ldns.com':85
- 'kr.##ldns.com':80
- 'localhost':1037
- kr.##ldns.com/win/windos7.exe
- kr.##ldns.com/lvse/count.asp?ma################
- DNS ASK kr.##ldns.com
- ClassName: '' WindowName: ''