Техническая информация
- '%WINDIR%\Fonts\5.exe'
- '%WINDIR%\explorer.exe' http://www.ya##g.com
- <Полный путь к вирусу>
- %WINDIR%\Fonts\AWMECLPKAD.dll
- %WINDIR%\Fonts\5.exe
- %HOMEPATH%\Desktop\89945БгСЄІ»ЛАНв№Т.lnk
- %WINDIR%\Fonts\DCURZHMFWT.dll
- %TEMP%\huise\shell.fne
- %TEMP%\huise\krnln.fnr
- %TEMP%\huise\internet.fne
- %TEMP%\huise\PBShell.fne
- %WINDIR%\Fonts\DCURZHMFWT.dll
- %WINDIR%\Fonts\AWMECLPKAD.dll
- %HOMEPATH%\Desktop\89945БгСЄІ»ЛАНв№Т.lnk
- '12#.#0.112.226':5182
- 'localhost':1037
- 'www.ya##g.com':80
- www.ya##g.com/www.yaowg.com.txt
- DNS ASK www.ya##g.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'