Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Gerenciador de Sessao' = '%ALLUSERSPROFILE%\smss.exe -noconsole SecurityTypes=VncAuth Password=2CACFCDE6C37A505 DisableClose=1 DisableOpt...
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Internet Explorer' = '"%ALLUSERSPROFILE%\iexplore.exe" /logon'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'DoNotAllowExceptions' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] 'EnableFirewall' = '00000000'
- '<SYSTEM32>\netsh.exe' firewall set opmode mode = disable
- %ALLUSERSPROFILE%\smss.exe
- %ALLUSERSPROFILE%\iexplore.exe
- 'www.ci##4.com':80
- http://www.ci##4.com/modules/mod_dcslock.php
- DNS ASK www.ci##4.com
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'
- ClassName: 'Shell_TrayWnd' WindowName: ''