Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'HotNow' = '%PROGRAM_FILES%\PMX\Dialers\HotNow\HotNow.exe /dontdial '
- %PROGRAM_FILES%\pmx\dialers\hotnow\hotnow.exe -kill <Полный путь к вирусу> /install
- ClassName: 'AOL Frame25' WindowName: ''
- %HOMEPATH%\Desktop\HotNow.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\getclientid[1]
- %TEMP%\WK_1.tmp
- %PROGRAM_FILES%\pmx\dialers\hotnow\hotnow.exe
- %HOMEPATH%\Start Menu\HotNow.lnk
- %HOMEPATH%\Start Menu\Programs\HotNow.lnk
- 'localhost':1037
- '19#.#88.43.168':80
- 19#.#88.43.168/w/getclientid?sr##############################################################################################
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'HotNow'
- ClassName: 'HOTNOW' WindowName: 'HotNow'