Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnonBadCertRecving' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnOnZoneCrossing' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1601' = '00000000'
- %HOMEPATH%\Desktop\SMART_HDD.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\SMART_HDD.lnk
- %HOMEPATH%\Start Menu\Programs\SMART HDD\Uninstall SMART HDD.lnk
- %ALLUSERSPROFILE%\Application Data\p97O]%F-@aivf
- %HOMEPATH%\Start Menu\Programs\SMART HDD\SMART HDD.lnk
- из <Полный путь к вирусу> в %ALLUSERSPROFILE%\Application Data\p97O]%F-@aivf.exe
- 'ps####reator.com':80
- 'me###roneca.com':80
- 'ye####rdoneye.com':80
- 'ba###tons.com':80
- 'tr####ingona.com':80
- 'ca###nvelop.com':80
- me###roneca.com/support/s
- ps####reator.com/support/sr
- ps####reator.com/support/s
- ye####rdoneye.com/support/sr
- ye####rdoneye.com/support/s
- me###roneca.com/support/sr
- tr####ingona.com/support/sr
- ba###tons.com/support/sr
- tr####ingona.com/s.php?0Q######################################################################
- ba###tons.com/support/s
- tr####ingona.com/support/s
- ca###nvelop.com/support/sr
- ca###nvelop.com/support/s
- DNS ASK ps####reator.com
- DNS ASK me###roneca.com
- DNS ASK ye####rdoneye.com
- DNS ASK ca###nvelop.com
- DNS ASK ba###tons.com
- DNS ASK tr####ingona.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''