Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe,%PROGRAM_FILES%\Internet Explorer\<Имя вируса>.exe'
- %WINDIR%\163_105.ico
- <SYSTEM32>\cssys.dat
- %PROGRAM_FILES%\Internet Explorer\<Имя вируса>.exe
- %WINDIR%\163_104.ico
- %WINDIR%\163_102.ico
- %WINDIR%\163_103.ico
- 'www.yg##.com.cn':80
- 'localhost':1035
- DNS ASK www.yg##.com.cn
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Progman' WindowName: 'Program Manager'