Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Taskmanager' = '<Полный путь к вирусу>'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\Sendemail[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\ip[1].asp
- 'me####s.lycos.co.uk':80
- 'www.mi###osoft.com':80
- 'localhost':1034
- me####s.lycos.co.uk/bestbadboy/Sendemail.php?ma########################################
- www.mi###osoft.com/ip.asp
- DNS ASK me####s.lycos.co.uk
- DNS ASK www.mi###osoft.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''