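Техническая информация
Перечень приведён без подзаголовков; судя по содержимому, в нём подряд идут изменения реестра, запускаемые процессы, создаваемые файлы, сетевые соединения и искомые окна. Имена хостов частично скрыты символами «#».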
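- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svchost' = '%WINDIR%\svchost.exe' (автозапуск при входе пользователя в систему; штатный svchost.exe находится в <SYSTEM32>, поэтому одноимённый файл в %WINDIR% — признак маскировки под системный процесс)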
- '%WINDIR%\svchost.exe'
- '%WINDIR%\svchost.exe' (загружен из сети Интернет)
- '<SYSTEM32>\shutdown.exe' -r -t 20 (перезагрузка системы с задержкой 20 секунд)
- [<HKCU>\Software\Microsoft\MessengerService]
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoFind' = '00000001' (скрывает пункт «Поиск» в меню «Пуск»)
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoControlPanel' = '00000001' (запрещает доступ к Панели управления)
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'StartMenuLogOff' = '00000001' (убирает пункт выхода из системы из меню «Пуск»)
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoClose' = '00000001' (убирает команду завершения работы)
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoRun' = '00000001' (убирает пункт «Выполнить» из меню «Пуск»)
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoDesktop' = '00000001' (скрывает все элементы рабочего стола)
- C:\Mis contactos.txt
- %WINDIR%\svchost.exe
- 'mx#####et.adinet.com.uy':25 (порт 25 — стандартный порт SMTP)
- 'di###.t35.com':80 (порт 80 — стандартный порт HTTP)
- 'localhost':1038
- di###.t35.com/virus.zip
- DNS ASK mx#####et.adinet.com.uy
- DNS ASK di###.t35.com
- ClassName: 'Shell_TrayWnd' WindowName: '' (класс окна панели задач Windows)
- ClassName: 'Indicator' WindowName: ''