Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WinNtUpdate' = '<SYSTEM32>\WinNtUpdate.exe'
- <SYSTEM32>\connection32a.exe
- <SYSTEM32>\w032.exe
- <SYSTEM32>\connection32a.exe (загружен из сети Интернет)
- <SYSTEM32>\w032.exe (загружен из сети Интернет)
- <SYSTEM32>\connection32a.exe
- %WINDIR%\Windows32log.ini
- <SYSTEM32>\WinNtUpdate.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\w032[1].exe
- <SYSTEM32>\w032.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\house[1].exe
- 'cl#######banez.googlepages.com':80
- '74.##5.232.51':25
- 'localhost':1036
- 'wc######.googlepages.com':80
- cl#######banez.googlepages.com/house.exe
- wc######.googlepages.com/w032.exe
- DNS ASK gs####85.google.com
- DNS ASK cl#######banez.googlepages.com
- DNS ASK wc######.googlepages.com
- ClassName: 'Shell_TrayWnd' WindowName: ''