Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SystemData' = '%PROGRAM_FILES%\MBlocker\MBlocker.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WindowsExplorer' = '%CommonProgramFiles%\System\svchost.exe'
- '%WINDIR%\regedit.exe' /s "%CommonProgramFiles%\System\wininet.reg"
- %CommonProgramFiles%\System\wininet.reg
- DNS ASK sm###der.net
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'S MSender'