Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'atmSetup' = '"%PROGRAM_FILES%\ISP\atmUpdate.EXE" -op'
- %PROGRAM_FILES%\ISP\atmUpdate.exe -op
- <SYSTEM32>\setfav_ba1.exe
- <SYSTEM32>\atm1.exe
- <SYSTEM32>\infosaversetup_gross.exe
- %PROGRAM_FILES%\ISP\atmadm.exe
- %PROGRAM_FILES%\ISP\atmbf.dll
- <SYSTEM32>\setfav_ba1.exe
- %PROGRAM_FILES%\ISP\atmUpdate.exe
- <SYSTEM32>\atm1.exe
- <SYSTEM32>\infosaversetup_gross.exe
- %PROGRAM_FILES%\ISP\setfile.zip
- %PROGRAM_FILES%\ISP\setfile.zip
- 'www.go###e.co.kr':80
- 'ki#####545.pnsweb.net':80
- 'www.in###aver.co.kr':80
- ki#####545.pnsweb.net/ls_install.asp?ma#########################
- www.in###aver.co.kr/APP/pf_ck.php?v1######
- DNS ASK www.go###e.co.kr
- DNS ASK in###aver.co.kr
- DNS ASK www.go###va.co.kr
- DNS ASK www.in###aver.co.kr
- DNS ASK ki#####545.pnsweb.net
- '<IP-адрес в локальной сети>':1037
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''