Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,<SYSTEM32>\Isas.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SkyNet' = '%WINDIR%\SkyNet.exe'
- Средство контроля пользовательских учетных записей (UAC)
- '<SYSTEM32>\net1.exe' Stop SharedAccess
- '<SYSTEM32>\net.exe' Stop SharedAccess
- <SYSTEM32>\MS Silverlight.exe
- <SYSTEM32>\Isas.exe
- %WINDIR%\SkyNet.exe
- %TEMP%\aut1.tmp
- %TEMP%\eehkdpu
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\inter.123laptop.net_ver=2[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\inter.123laptop.net_ver=2[1]
- %TEMP%\aut1.tmp
- %TEMP%\eehkdpu
- 'in###.#########.net?ver=2.0&name=crnjeufu&user=urnxymav':80
- in###.#########.net?ver=2.0&name=crnjeufu&user=urnxymav/
- DNS ASK in###.#########.net?ver=2.0&name=crnjeufu&user=urnxymav