Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'game_exit_ad' = '<Полный путь к вирусу>'
- %WINDIR%\Explorer.EXE
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\config[1].dat
- %TEMP%\down_up.ini
- %TEMP%\_homepage.ini
- %TEMP%\ie_show.dll
- %TEMP%\process_name.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\config[1].dat
- 'ho####ge.1983.so':80
- '11#.#8.65.29':8383
- 'ga##.1983.so':8383
- ho####ge.1983.so/homepage/config.dat
- DNS ASK ho####ge.1983.so
- DNS ASK ga##.1983.so
- '25#.#55.255.255':8484
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- ClassName: '' WindowName: 'Program Manager'
- ClassName: 'SHELLDLL_DefView' WindowName: ''