Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'rewardall' = '%PROGRAM_FILES%\rewardall\rewardall.exe'
- %PROGRAM_FILES%\rewardall\rewardall.exe
- <SYSTEM32>\dumprep.exe 2768 -dm 7 7 "%TEMP%\WERfb80.dir00\rewardall.exe.hdmp" 16325836412027380
- <SYSTEM32>\dumprep.exe 2768 -dm 7 7 "%TEMP%\WERfb80.dir00\rewardall.exe.mdmp" 16325836412027368
- <SYSTEM32>\regsvr32.exe /s "%PROGRAM_FILES%\rewardall\rewardall.dll"
- %TEMP%\WERfb80.dir00\rewardall.exe.hdmp
- %TEMP%\WERfb80.dir00\appcompat.txt
- %TEMP%\WERfb80.dir00\manifest.txt
- %TEMP%\WERfb80.dir00\rewardall.exe.mdmp
- %PROGRAM_FILES%\rewardall\rewardall.exe
- %PROGRAM_FILES%\rewardall\uninstall.exe
- %PROGRAM_FILES%\rewardall\rewardall.dll
- 're####.rewardall.co.kr':80
- re####.rewardall.co.kr/install.asp?ve##########################################
- re####.rewardall.co.kr/Update_ra1000/rewardall.ini
- DNS ASK www.re###dall.co.kr
- DNS ASK re####.rewardall.co.kr
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''