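Техническая информация
(Подзаголовки разделов в этой копии не сохранились, поэтому действие над каждым объектом — создание, запуск, удаление, поиск — из списка не видно. Ниже по порядку идут: записи реестра, пути к файлам и процессам, сетевые узлы с портами, запрошенные URL, DNS-запросы, классы и имена окон. Символы «#» в доменных именах и параметрах запросов, по-видимому, маскируют часть значения; такие индикаторы нельзя сопоставлять с журналами буквально. <SYSTEM32>, <HKCU> и <HKLM> — условные обозначения системного каталога и разделов реестра.)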
- [<HKCU>\Software\Microsoft\Internet Explorer\Desktop\Components\0] 'Source' = 'About:Home'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Framework Windows' = 'frmwrk32.exe'
- <SYSTEM32>\userinit.exe
- Диспетчера задач (Taskmgr)
- '<SYSTEM32>\frmwrk32.exe'
- '<SYSTEM32>\ntdll64.exe'
- '%TEMP%\Build.exe'
- '%TEMP%\loader_pm.exe'
- '<SYSTEM32>\ntdll64.exe' (загружен из сети Интернет)
- <SYSTEM32>\ntdll64.exe
- <SYSTEM32>\uniq.tll
- <SYSTEM32>\ahtn.htm
- <SYSTEM32>\warning.gif
- <SYSTEM32>\test.ttt
- %TEMP%\loader_pm.exe
- %TEMP%\Build.exe
- <SYSTEM32>\stu2.exe
- <SYSTEM32>\frmwrk32.exe
- %TEMP%\Build.exe
- <SYSTEM32>\frmwrk32.exe
- 'pm###tware.biz':80
- 'ls####st-nax.ind.in':80
- 'localhost':1039
- ls####st-nax.ind.in/warning.gif
- ls####st-nax.ind.in/winlogon.htm
- ls####st-nax.ind.in/loads.php?co##########
- pm###tware.biz/cgi-bin/promo.pl?co##########
- DNS ASK pm###tware.biz
- DNS ASK ls####st-nax.ind.in
- ClassName: 'BaseBar' WindowName: 'ChanApp'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''