Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Download Manager' = '%HOMEPATH%\Downloads\explorer.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Document Explorer' = '%HOMEPATH%\Documents\explorer.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Profile Manager' = '%HOMEPATH%\explorer.exe'
- %HOMEPATH%\explorer.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\purenet.hopto[1]
- %HOMEPATH%\explorer.exe
- %HOMEPATH%\explorer.exe
- <Full path to virus>
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\purenet.hopto[1]
- %HOMEPATH%\explorer.exe
- 'pu####t.hopto.org':80
- 'il##oip.it':80
- pu####t.hopto.org/
- il##oip.it/
- DNS ASK pu####t.hopto.org
- DNS ASK www.il##oip.it
- DNS ASK il##oip.it
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''