Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'IniciarProgramas' = '%WINDIR%\svchos.exe'
- '%WINDIR%\svcho.exe'
- '<SYSTEM32>\reg.exe' ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v IniciarProgramas /t REG_SZ /d "%WINDIR%\svchos.exe"
- '<SYSTEM32>\cmd.exe' /c ""%WINDIR%\bat.bat" "
- %WINDIR%\BlackBox.exe
- %WINDIR%\bat.bat
- %WINDIR%\svcho.exe
- 'af####.sytes.net':2000
- 'fr###eoip.net':80
- fr###eoip.net/xml/
- DNS ASK af####.sytes.net
- DNS ASK fr###eoip.net
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'