Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'LiveMessenge' = '%PROGRAM_FILES%\sunsystens\msnmsgc.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'LiveMessenger' = '%PROGRAM_FILES%\sunsystens\live.exe'
- %TEMP%\<Virus name>.exe
- %TEMP%\<Virus name>.exe
- %TEMP%\<Virus name>.exe to %TEMP%\temp_m.tmp
- 'ws########a.hospedagem-de-site.info':80
- '67.##5.160.76':80
- 'to######ine.heliohost.org':80
- ws########a.hospedagem-de-site.info/imagens/mensagens.txt
- to######ine.heliohost.org/acesso/acesso.php
- DNS ASK ws########a.hospedagem-de-site.info
- DNS ASK www.ya##o.com
- DNS ASK to######ine.heliohost.org
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''