Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Service Pack Tool' = ''
- '%TEMP%\SpTool.exe'
- '<SYSTEM32>\reg.exe' add HKCU\software\microsoft\windows\currentversion\run /v "Service Pack Tool" /t reg_expand_sz /d "%TEMP%\SpTool.exe" /f
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 5
- '<SYSTEM32>\taskkill.exe' /f /im <Имя вируса>.exe
- %TEMP%\DEM1.tmp
- %TEMP%\SpTool.exe
- 'if#.##teinfo.com':80
- if#.##teinfo.com/ift/index.html
- DNS ASK if#.##teinfo.com
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'