Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'IDV' = '%APPDATA%\IDV_388.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'IDV' = '%APPDATA%\IDV_751.exe'
- %APPDATA%\IDV_388.exe
- %APPDATA%\IDV_751.exe
- 'www.my#p.ru':80
- 'lo###.icq.com':5190
- 'ex##soft.ru':80
- 'in####men.16mb.com':80
- ex##soft.ru/upgrade/index/info.txt
- www.my#p.ru/get_ip.php?lo##
- ex##soft.ru/upgrade/index/get.php?ic#
- ex##soft.ru/upgrade/index/id.php
- in####men.16mb.com/updates/get.php?ad##################
- DNS ASK www.my#p.ru
- DNS ASK lo###.icq.com
- DNS ASK ex##soft.ru
- DNS ASK in####men.16mb.com
- ClassName: 'Shell_TrayWnd' WindowName: ''