Техническая информация
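- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = 'BrowseStart.dll' (автозапуск: библиотека, указанная в параметре AppInit_DLLs, загружается в процессы, подключающие user32.dll; при проверке системы стоит сверить значение этого параметра)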
- %TEMP%\_ir_sf_temp_0\Installer.exe
- %TEMP%\_ir_sf_temp_0\irsetup.exe __IRAOFF:1742194 "__IRAFN:<Полный путь к вирусу>" "__IRCT:0" "__IRTSS:0" "__IRSID:S-1-5-21-2052111302-484763869-725345543-1003"
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://www.go##le.de/
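- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe /codebase IEPlugin.dll (RegAsm регистрирует .NET-сборку как COM-компонент; ключ /codebase записывает в реестр путь к файлу сборки)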
- <SYSTEM32>\BrowseStart.dll
- <SYSTEM32>\Interop.SHDocVw.dll
- %TEMP%\252D9.dmp
- %TEMP%\dw.log
- %TEMP%\ie3DCA.tmp
- %TEMP%\_ir_sf_temp_0\irsetup.dat
- %TEMP%\_ir_sf_temp_0\lua5.1.dll
- %TEMP%\_ir_sf_temp_0\irsetup.exe
- <SYSTEM32>\IEPlugin.dll
- %TEMP%\IE Plugin Setup Log.txt
- %TEMP%\_ir_sf_temp_0\Installer.exe
- %TEMP%\_ir_sf_temp_0\irsetup.exe
- %TEMP%\_ir_sf_temp_0\lua5.1.dll
- %TEMP%\_ir_sf_temp_0\irsetup.dat
- %TEMP%\_ir_sf_temp_0\Installer.exe
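- 'www.st####download.de':80 (символы «#» здесь и в других адресах, по-видимому, маскируют часть имени домена в отчёте; для точного сопоставления индикатор в таком виде непригоден)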
- www.st####download.de/addons/39
- DNS ASK www.st####download.de
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''