Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{C51C4AFB-8A3A-6C2E-BA41-C10F02740731}' = ''
- %TEMP%\xtliw<Имя вируса>.dll
- %TEMP%\xtliw<Имя вируса>.dll
- ClassName: 'TianLongBaBu WndClass' WindowName: ''
- ClassName: '#32770' WindowName: '????????????????'
- ClassName: 'Eset Client Frame' WindowName: 'ESET NOD32 Antivirus'