Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'bsupdate.exe' = '%PROGRAM_FILES%\bankShop\bsupdate.exe' (запись автозапуска: указанный файл запускается при каждом входе пользователя в систему)
- %PROGRAM_FILES%\bankShop\bswin.exe (загружен из сети Интернет)
- <SYSTEM32>\uninstall.exe
- %PROGRAM_FILES%\bankShop\bsupdate.exe
- %PROGRAM_FILES%\bankShop\bsCash.dll
- %PROGRAM_FILES%\bankShop\bswin.exe
- %PROGRAM_FILES%\bankShop\bs.dll
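- 'pd#.##nk-shop.co.kr':80 (символ «#» недопустим в имени узла; по-видимому, часть адреса в описании замаскирована, поэтому для точного сопоставления в журналах эта строка в таком виде не подходит)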
- pd#.##nk-shop.co.kr/updater/bsCash.dll
- pd#.##nk-shop.co.kr/updater/uninstall.exe
- pd#.##nk-shop.co.kr/updater/bsupdate.exe
- pd#.##nk-shop.co.kr/updater/version.php
- pd#.##nk-shop.co.kr/updater/bswin.exe
- pd#.##nk-shop.co.kr/updater/bs.dll
- DNS ASK pd#.##nk-shop.co.kr
- ClassName: 'MS_WINHELP' WindowName: ''