Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'clover_u' = '%PROGRAM_FILES%\KoreaMessenger CP\clover_updater.exe'
- %WINDIR%\CloverPlus.cot
- %ALLUSERSPROFILE%\Start Menu\Programs\ДЪё®ѕЖёЮЅЕАъ ЗГ·ЇЅє CP\KoreaMailMessenger(ДЪё®ѕЖёЮЅЕАъ°ЎАМµе) јіДЎБ¦°Е.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\log_progress[1].php
- %WINDIR%\cloveruninstall.exe
- %PROGRAM_FILES%\KoreaMessenger CP\clover_updater.zip
- %WINDIR%\cloveruninstall.zip
- %PROGRAM_FILES%\KoreaMessenger CP\c_updater.exe
- %WINDIR%\cloveruninstall.zip
- %PROGRAM_FILES%\KoreaMessenger CP\clover_updater.zip
- %WINDIR%\cloveruninstall.exe в %WINDIR%\koreamessenger_uninstall.exe
- %PROGRAM_FILES%\KoreaMessenger CP\c_updater.exe в %PROGRAM_FILES%\KoreaMessenger CP\clover_updater.exe
- 'cn#.##overplus.com':80
- cn#.##overplus.com/log_progress.php?cl###########################################
- DNS ASK cn#.##overplus.com
- ClassName: 'Indicator' WindowName: ''