Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'savemode' = '%PROGRAM_FILES%\savemode\savemode.exe'
- %PROGRAM_FILES%\savemode\nallist.nau
- %PROGRAM_FILES%\savemode\naelist2.nau
- %PROGRAM_FILES%\savemode\naelist.nau
- %PROGRAM_FILES%\savemode\nanolist.nau
- %PROGRAM_FILES%\savemode\naulist.nau
- %PROGRAM_FILES%\savemode\naulist2.nau
- 'fi##.#avemode.co.kr':80
- fi##.#avemode.co.kr/shoplist/list2.php
- fi##.#avemode.co.kr/shoplist/list.php
- fi##.#avemode.co.kr/shoplist/list_loss.php
- fi##.#avemode.co.kr/shoplist/list_exc.php
- fi##.#avemode.co.kr/shoplist/list_exc2.php
- fi##.#avemode.co.kr/shoplist/no_list.php
- fi##.#avemode.co.kr/cont/regid.txt
- fi##.#avemode.co.kr/cont/proid.txt
- fi##.#avemode.co.kr/cont/guid.txt
- fi##.#avemode.co.kr/cont/dllid.txt
- fi##.#avemode.co.kr/cont/sizeid.txt
- DNS ASK fi##.#avemode.co.kr
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Indicator' WindowName: ''