Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnonBadCertRecving' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnOnZoneCrossing' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1601' = '00000000'
- %HOMEPATH%\Desktop\SMART_HDD.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\SMART_HDD.lnk
- %HOMEPATH%\Start Menu\Programs\SMART HDD\Uninstall SMART HDD.lnk
- %ALLUSERSPROFILE%\Application Data\@%PeIHaao^b6e_h
- %HOMEPATH%\Start Menu\Programs\SMART HDD\SMART HDD.lnk
- из <Полный путь к вирусу> в %ALLUSERSPROFILE%\Application Data\@%PeIHaao^b6e_h.exe
- 'ps####reator.com':80
- 'ye####rdoneye.com':80
- 'vo####ardfon.com':80
- 'ri####jerive.com':80
- 'ni####backre.com':80
- ni####backre.com/support/sr
- ni####backre.com/support/s
- ps####reator.com/support/s
- ye####rdoneye.com/support/s
- ps####reator.com/support/sr
- ni####backre.com/s.php?0Q######################################################################
- ri####jerive.com/support/s
- ri####jerive.com/support/sr
- vo####ardfon.com/support/sr
- vo####ardfon.com/support/s
- DNS ASK ye####rdoneye.com
- DNS ASK vo####ardfon.com
- DNS ASK ps####reator.com
- DNS ASK ri####jerive.com
- DNS ASK ni####backre.com
- '<IP-адрес в локальной сети>':1037
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''