Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{08315C1A-9BA9-4B7C-A432-26885F78DF28}' = ''
- 'C:\Down(262198).exe'
- 'C:\Down(262198).exe' (загружен из сети Интернет)
- C:\Down(262198).exe
- %CommonProgramFiles%\joipor.vxd
- %CommonProgramFiles%\joipor.vxd
- 'www.**#.com':80
- 'localhost':1040
- www.**#.com/QQ.exe
- DNS ASK www.**#.com
- ClassName: 'ListBox' WindowName: 'xr, wo ai ni'
- ClassName: 'ListBox' WindowName: 'xr, wo xiang ni'