Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '<Имя вируса>' = '<Полный путь к вирусу>'
- %WINDIR%\system\Infect.txt
- %WINDIR%\svchost.exe
- 'ft#.####brielkl.sexyi.am':21
- 'localhost':1035
- DNS ASK ft#.####brielkl.sexyi.am
- ClassName: 'Shell DocObject View' WindowName: ''
- ClassName: '' WindowName: 'Caixa Economica Federal - Google Chrome'
- ClassName: '' WindowName: 'Caixa Economica Federal - Mozilla Firefox'
- ClassName: 'TabWindowClass' WindowName: ''
- ClassName: '' WindowName: 'Caixa Economica Federal - Windows Internet Explorer'
- ClassName: 'Internet Explorer_Server' WindowName: ''
- ClassName: 'Frame Tab' WindowName: ''