Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,<Полный путь к вирусу>,'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\img02[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\img03[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\img03[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\img02[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\upd01[1].jpg
- <SYSTEM32>tempfile.temp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\upd01[1].jpg
- <SYSTEM32>tempfile.temp
- '70.#6.68.75':80
- '20#.#2.75.107':80
- 70.#6.68.75/primario/img02.jpg
- 20#.#2.75.107/ind/img03.jpg
- 70.#6.68.75/primario/img03.jpg
- 20#.#2.75.107/ind/upd01.jpg
- 70.#6.68.75/primario/upd01.jpg
- 20#.#2.75.107/ind/img02.jpg