Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MSMSGS' = '"%PROGRAM_FILES%\Messenger\msmsgs.exe" /background'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'PK Guard' = '<SYSTEM32>\pkguard32.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'PK Guard' = '<SYSTEM32>\pkguard32.exe'
- C:\f87454.exe (загружен из сети Интернет)
- <SYSTEM32>\pkguard32.exe /run
- [<HKCU>\Software\Microsoft\MessengerService]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\yoursite.[1]
- C:\f87454.exe
- <SYSTEM32>\pkguard32.exe
- %WINDIR%\HOSTS
- C:\f87454.exe
- <SYSTEM32>\pkguard32.exe
- 'yo##site':80
- 'localhost':1035
- yo##site/
- DNS ASK yo##site
- ClassName: 'YHTMLContainer' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''