Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SharedAPPs' = '%WINDIR%\system\<Имя вируса>.exe' (ключ автозапуска Run: указанный файл запускается при каждом входе пользователя в систему)
- '%WINDIR%\regedit.exe' /s %WINDIR%\MStoolsAppi2.reg (параметр /s — импорт .reg-файла в реестр без диалога подтверждения)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\layoutwin[1].gif
- %PROGRAM_FILES%\GbPluggin\gbppsv.exe
- %WINDIR%\system\<Имя вируса>.exe
- %PROGRAM_FILES%\GbPluggin\SVCHOST
- %WINDIR%\MStoolsAppi2.reg
- %PROGRAM_FILES%\GbPluggin\SVCHOST
- %WINDIR%\MStoolsAppi2.reg
- 'www.ei###.webz.cz':80
- 'localhost':1037
- www.ei###.webz.cz/layoutwin.gif
- DNS ASK www.ei###.webz.cz
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Directx9c' WindowName: ''