Техническая информация
- [<HKLM>\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN] 'System32' = '%WINDIR%\svchost.exe'
- [<HKCU>\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN] 'System32' = '%WINDIR%\vchost.exe'
- %WINDIR%\sound_32.dll
- http://20#.#8.150.84/troia.dll
- http://20#.#8.150.84/Trade.exe
- DNS ASK sm##.##il.yahoo.com.br