Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'DR2J0DSS1A' = '%APPDATA%\odtdtiHioW.exe'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\odtdtiHioW.exe
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\odtdtiHioW.exe.lnk
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoLogOff' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoRun' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoChangeStartMenu' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoClose' = '00000000'
- %HOMEPATH%\AppData\Roaming\semtitulo.cur
- %APPDATA%\link1.cur
- %APPDATA%\select1.cur
- %HOMEPATH%\AppData\Roaming\link1.cur
- %HOMEPATH%\AppData\Roaming\select1.cur
- %HOMEPATH%\AppData\Roaming\arrow1.cur
- %APPDATA%\odtdtiHioW.exe
- %APPDATA%\winup00.dat
- %APPDATA%\mp6.txt
- %APPDATA%\arrow1.cur
- %APPDATA%\semtitulo.cur
- %APPDATA%\date.dat
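- 'www.io##.org.cn':80 (символ «#» недопустим в именах хостов, поэтому имена узлов здесь и ниже, по-видимому, частично скрыты; в таком виде они не годятся для точного сопоставления в блок-листах и правилах обнаружения)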
- 'www.me####erecoip.com':80
- 'me##p.eu':80
- http://www.me####erecoip.com/
- http://me##p.eu/
- http://www.io##.org.cn/libraries/phputf8/maraba/contador/graph.php
- DNS ASK www.io##.org.cn
- DNS ASK www.me####erecoip.com
- DNS ASK me##p.eu