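Техническая информация
Ниже без подзаголовков перечислены артефакты, связанные с образцом: записи реестра (запись в ключе Run означает автозапуск программы при входе пользователя в систему), командная строка, пути к файлам, сетевые узлы с портами, HTTP- и DNS-запросы, классы и заголовки окон. Символы «#» в именах узлов и URL, по-видимому, заменяют фрагменты, скрытые при публикации, поэтому такие строки нельзя использовать как точные индикаторы; %PROGRAM_FILES% и %HOMEPATH% — условные обозначения системных каталогов.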
- [<HKLM>\SOFTWARE\Classes\gmst File\shell\open\command] '' = '%PROGRAM_FILES%\SCom\Dialers\Gay_Sexy_dk\Gay_Sexy_dk.exe %1'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Gay_Sexy_dk' = '%PROGRAM_FILES%\SCom\Dialers\Gay_Sexy_dk\Gay_Sexy_dk.exe /dontdial '
- %PROGRAM_FILES%\scom\dialers\gay_sexy_dk\gay_sexy_dk.exe -kill <Полный путь к вирусу> /install
- ClassName: 'AOL Frame25' WindowName: ''
- %HOMEPATH%\Desktop\Gay_Sexy_dk.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\bb[1].ima
- %HOMEPATH%\Start Menu\Programs\Gay_Sexy_dk.lnk
- %PROGRAM_FILES%\scom\dialers\gay_sexy_dk\gay_sexy_dk.exe
- %HOMEPATH%\Start Menu\Gay_Sexy_dk.lnk
- 'w.######ejtudlk-dfjkeid.com':80
- 'www.kj#####ieldiouyu.com':80
- 'localhost':1035
- w.######ejtudlk-dfjkeid.com/wk/getclientid.wnk?sr########################################################################################################
- www.kj#####ieldiouyu.com/anet/bb.ima?pi######################################################
- DNS ASK w.######ejtudlk-dfjkeid.com
- DNS ASK www.kj#####ieldiouyu.com
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'GAY_SEXY_DK' WindowName: 'Gay_Sexy_dk'
- ClassName: '' WindowName: 'Gay_Sexy_dk'
- ClassName: 'Shell_TrayWnd' WindowName: ''