Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'cltmon' = '<SYSTEM32>\cltmon.exe'
- [<HKCU>\Software\Microsoft\Internet Explorer\Download] 'CheckExeSignatures' = 'no'
- [<HKCU>\Software\Microsoft\Internet Explorer\Download] 'RunInvalidSignatures' = '00000001'
- <SYSTEM32>\cltmon.exe
- 'tr####age.com.br':80
- 'iz######texy.ifastnet.com':80
- 'iz#####s.freehostia.com':80
- http://tr####age.com.br/links/images/izon/izon.jpg
- http://iz######texy.ifastnet.com/musk/izon.txt
- http://iz#####s.freehostia.com/izon.txt
- DNS ASK tr####age.com.br
- DNS ASK iz######texy.ifastnet.com
- DNS ASK iz#####s.freehostia.com
- ClassName: 'Shell_TrayWnd' WindowName: ''