Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Media' = '<SYSTEM32>\WmInit.exe'
- <SYSTEM32>\WmInit.exe "<Полный путь к вирусу>"
- <SYSTEM32>\WmInit.exe
- <SYSTEM32>\WmInit.dat
- '11#.#42.116.46':55104
- 'ad###91020.info':55109
- '11#.#42.116.46':55105
- '11#.#42.116.46':55101
- '11#.#42.116.46':55108
- '11#.#42.116.46':55102
- '11#.#42.116.46':55107
- '11#.#42.116.46':55103
- 'te###26374.info':7900
- '11#.#42.116.46':55106
- '11#.#42.116.46':55109
- DNS ASK ad###91020.info
- DNS ASK te###26374.info
- ClassName: 'SysListView32' WindowName: ''