Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AvLog' = '<DRIVERS>\etc\<Имя вируса>.exe'
- <SYSTEM32>\cmd.exe /c <DRIVERS>\etc\delexec.bat
- <DRIVERS>\etc\delexec.bat
- <DRIVERS>\etc\<Имя вируса>.exe
- 'po#.###l.yahoo.com.br':110
- 'sm##.##il.yahoo.com.br':587
- '67.##5.160.76':80
- DNS ASK po#.###l.yahoo.com.br
- DNS ASK sm##.##il.yahoo.com.br
- DNS ASK www.ya##o.com
- ClassName: '#32770' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'Utilit?rio de configura??o do sistema'
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: 'Editor do Registro'
- ClassName: '' WindowName: 'Diretivas de grupo'