Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnonBadCertRecving' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnOnZoneCrossing' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1601' = '00000000'
- %HOMEPATH%\Desktop\SMART_HDD.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\SMART_HDD.lnk
- %HOMEPATH%\Start Menu\Programs\SMART HDD\Uninstall SMART HDD.lnk
- %ALLUSERSPROFILE%\Application Data\U9U_x)vUc3[#^$
- %HOMEPATH%\Start Menu\Programs\SMART HDD\SMART HDD.lnk
- from <Full path to virus> to %ALLUSERSPROFILE%\Application Data\U9U_x)vUc3[#^$.exe
- 'ri####jerive.com':80
- ri####jerive.com/support/s
- DNS ASK ni####backre.com
- DNS ASK ri####jerive.com
- '<Private IP address>':1037
- ClassName: 'Shell_TrayWnd' WindowName: ''