Техническая информация
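Параметры безопасности Internet Explorer, задаваемые в реестре:
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnonBadCertRecving' = '00000000' — не предупреждать о недействительном сертификате сайта
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnOnZoneCrossing' = '00000000' — не предупреждать при переходе между защищённым и незащищённым режимом
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1601' = '00000000' — в зоне «Интернет» (зона 3) разрешить отправку незашифрованных данных форм без запроса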
- %HOMEPATH%\Desktop\System Fix.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
- %HOMEPATH%\Start Menu\Programs\System Fix\Uninstall System Fix.lnk
- %ALLUSERSPROFILE%\Application Data\EE6SQg3OC
- %HOMEPATH%\Start Menu\Programs\System Fix\System Fix.lnk
- Размещение собственного файла: из <Полный путь к вирусу> в %ALLUSERSPROFILE%\Application Data\EE6SQg3OC.exe
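Сетевые индикаторы ниже приведены с маскировкой: символы # заменяют часть имени узла или строки запроса. Для точного сопоставления (списки блокировки, поиск по журналам прокси и DNS) нужны полные значения из исходного отчёта; по этой странице можно сопоставлять только видимые части — окончание имени домена, порт 80 и путь /britix/.
- 'as####tavyru.com':80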
- 'st####stoneuse.com':80
- 'ma####ngelog.com':80
- 'va####idetor.com':80
- 'nu####heamedy.com':80
- 'du####ufeampl.com':80
- http://st####stoneuse.com/britix/a
- http://as####tavyru.com/britix/ar
- http://as####tavyru.com/britix/a
- http://ma####ngelog.com/britix/ar
- http://ma####ngelog.com/britix/a
- http://st####stoneuse.com/britix/ar
- http://nu####heamedy.com/britix/ar
- http://nu####heamedy.com/up.php?0Q##################################################################
- http://va####idetor.com/britix/ar
- http://va####idetor.com/britix/a
- http://nu####heamedy.com/britix/a
- http://du####ufeampl.com/britix/ar
- http://du####ufeampl.com/britix/a
- DNS ASK as####tavyru.com
- DNS ASK st####stoneuse.com
- DNS ASK ma####ngelog.com
- DNS ASK va####idetor.com
- DNS ASK nu####heamedy.com
- DNS ASK du####ufeampl.com
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd — класс окна панели задач Windows; имя окна не задано)