Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe %Systemroot%\<Имя вируса>.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- 'www.un###.com.ar':80
- www.un###.com.ar/sys/cliente.php
- DNS ASK www.un###.com.ar