Техническая информация
- [<HKLM>\SOFTWARE\Classes\IE\shell\open\command] '' = '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://dh1.765321.info?1126811'
- [<HKLM>\SOFTWARE\Classes\JE\shell\open\command] '' = '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://www.laitao.info'
- [<HKLM>\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\open\command] '' = 'Explorer.exe'
- %WINDIR%\vb.ini
- из <Полный путь к вирусу> в <Текущая директория>\228.tmp
- '2.###321.info':4321
- '3.###321.info':4321
- 'localhost':1038
- DNS ASK 2.###321.info
- DNS ASK 3.###321.info
- ClassName: 'SHELLDLL_DefView' WindowName: ''
- ClassName: 'Progman' WindowName: ''