Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'crtfmon' = '<Full path to the virus>'
- '<SYSTEM32>\regsvr32.exe' /s /c "%PROGRAM_FILES%\Google\googletoolbar1.dll"
- %TEMP%\ie793E.tmp
- %PROGRAM_FILES%\Google\bipsetup.mcd
- %PROGRAM_FILES%\Google\googletoolbar1.dll
- 'pr###cash24.com':80
- pr###cash24.com/registration.php?bl#####################################################################
- DNS ASK pr###cash24.com
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'