Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ctfmon' = '<SYSTEM32>\ctfmon.exe'
- 'sm##.##il.yahoo.com.br':25
- 'i9###ech.co.cc':80
- i9###ech.co.cc/body.php
- DNS ASK sm##.##il.yahoo.com.br
- DNS ASK i9###ech.co.cc
- ClassName: 'Shell DocObject View' WindowName: ''
- ClassName: 'TabWindowClass' WindowName: ''
- ClassName: 'Internet Explorer_Server' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'