Техническая информация
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components\{2fz8se-157bq-16nc-23or4-2ke0fa071818}] 'StubPath' = '"<SYSTEM32>\bowinupxxz.exe" /lanzateActiveX'
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'bowinupxxz' = '<SYSTEM32>\bowinupxxz.exe'
- %WINDIR%\syswow64\bowinupxxz.exe
- 'sm##.##rreo.yahoo.es':587
- DNS ASK sm##.##rreo.yahoo.es