Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = '<Полный путь к вирусу>'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = '<Полный путь к вирусу>'
- 'ic##.##ncommerce.com':80
- '40#.#####websitedatabase.com':80
- '20#.#6.232.182':80
- ic##.##ncommerce.com/info.php?cp#####
- 40#.#####websitedatabase.com/cnt2.php?cp#####
- 20#.#6.232.182/
- 40#.#####websitedatabase.com/info.php?cp#####
- DNS ASK ic##.##ncommerce.com
- DNS ASK 40#.#####websitedatabase.com
- DNS ASK www.microsoft.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''