Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SystemFile' = 'syctask.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{z6B2445-1963-9142-A0DB-DBDB9E15FB9z;] 'StubPath' = 'systask.exe AutoRun'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe servics.exe'
- скрытых файлов
- %WINDIR%\Lsast.exe
- <SYSTEM32>\config\up.exe
- %TEMP%\bndFile
- <SYSTEM32>\Lsasss.exe
- %WINDIR%\Lsast.exe в %WINDIR%\syctask.exe
- <SYSTEM32>\Lsasss.exe в <SYSTEM32>\servics.exe
- 'www.no###gar.com':21
- DNS ASK www.no###gar.com
- ClassName: 'Edit' WindowName: ''
- ClassName: '#32770' WindowName: 'YLoginWnd'
- ClassName: 'YTopWindow' WindowName: ''
- ClassName: 'Button' WindowName: '&Sign In'
- ClassName: 'YahooBuddyMain' WindowName: ''
- ClassName: '#32770' WindowName: ''
- ClassName: '' WindowName: 'Windows Task Manager'
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''