Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '360saft' = '%PROGRAM_FILES%\Internet Explorer\iexplre.exe'
- ClassName: 'TXGuiFoundation' WindowName: 'QQ2010'
- ClassName: 'TXGuiFoundation' WindowName: 'QQ2012'
- ClassName: 'TXGuiFoundation' WindowName: 'QQ2011'
- %TEMP%\22785.tmp
- %TEMP%\2239c.tmp
- %TEMP%\215d0.tmp
- %TEMP%\22785.tmp
- %TEMP%\2239c.tmp
- %TEMP%\215d0.tmp
- из <Полный путь к вирусу> в %PROGRAM_FILES%\Internet Explorer\iexplre.exe
- 'oo#.#5free.net':80
- oo#.#5free.net/hmxzdz.htm
- oo#.#5free.net/yes.no.htm
- DNS ASK oo#.#5free.net