Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'winasv' = '%PROGRAM_FILES%\Windows Assist Service\winasv.exe'
- %TEMP%\nsj2.tmp\System.dll
- %TEMP%\nsj2.tmp\nspnch3689.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\default[1].html
- %TEMP%\nsj2.tmp\EzFunc2.dll
- %PROGRAM_FILES%\Windows Assist Service\winasv.exe
- %PROGRAM_FILES%\Windows Assist Service\winasu.exe
- %PROGRAM_FILES%\Windows Assist Service\winasc.dll
- %PROGRAM_FILES%\Windows Assist Service\Uninstall.exe
- %TEMP%\nsj2.tmp\WinOS.dll
- %TEMP%\nsj2.tmp\nsProcess.dll
- %TEMP%\nsj2.tmp\IEFunctions.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\default[1].html
- 'lo####.#indowsassist.co.kr':80
- lo####.#indowsassist.co.kr/div/default.html
- lo####.#indowsassist.co.kr/app_inst_logger.php
- DNS ASK lo####.#indowsassist.co.kr
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'