Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'WinIME32Service' = '<Полный путь к вирусу>'
- %HOMEPATH%\MSOCache32\patch\files\winime32mon.exe
- %HOMEPATH%\MSOCache32\patch\files\tmp-0002356E.tmp
- %HOMEPATH%\MSOCache32\patch\files\winime32mon.exe
- %HOMEPATH%\MSOCache32\patch\files\winime32.dll
- '11#.#1.237.118':80
- 'wi###e32.lnk':445
- 11#.#1.237.118/ps3/xinit.php
- DNS ASK wi###e32.lnk
- ClassName: 'Indicator' WindowName: ''