Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'smartbacon' = '%PROGRAM_FILES%\Smartbacon\smartbacon.exe'
- %PROGRAM_FILES%\Smartbacon\smartbacon.exe
- %PROGRAM_FILES%\Smartbacon\inssb.exe Y;<Полный путь к вирусу>;;±ієё№®°н №Щ·ОДЬ;Y;
- <SYSTEM32>\cmd.exe /c \smicd.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\su[1].htm
- %PROGRAM_FILES%\Smartbacon\ico\u_.ico
- C:\smicd.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\index[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\index[1].htm
- %PROGRAM_FILES%\Smartbacon\smartbacon.ini
- %PROGRAM_FILES%\Smartbacon\uninstall.exe
- %PROGRAM_FILES%\Smartbacon\inssb.exe
- %PROGRAM_FILES%\Smartbacon\smartbacons.exe
- %TEMP%\nsh2.tmp\System.dll
- %PROGRAM_FILES%\Smartbacon\smartbacon.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\index[1].htm
- %PROGRAM_FILES%\Smartbacon\inssb.exe
- %TEMP%\nsh2.tmp\System.dll
- 'sm####acon.co.kr':80
- sm####acon.co.kr/uninstall/u_.ico
- sm####acon.co.kr/index.php
- sm####acon.co.kr/su.php
- DNS ASK lo#.###rtbacon.co.kr
- DNS ASK en#.###rtbacon.co.kr
- DNS ASK sm####acon.co.kr
- DNS ASK ba####.smartbacon.co.kr
- ClassName: 'Shell_TrayWnd' WindowName: ''