Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{DD7D4640-4464-48C0-82FD-21338366D2D2}' = ''
- <SYSTEM32>\cmd.exe /c ""<Текущая директория>\_Ms.bat" "
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\count[1].htm
- <Текущая директория>\_Ms.bat
- %PROGRAM_FILES%\Internet Explorer\InfoMs.sys
- %PROGRAM_FILES%\Internet Explorer\InfoMs.tdm
- %PROGRAM_FILES%\Internet Explorer\InfoMs.sys
- 'gg.#tzdy.cn':80
- 'www.ha##23.com':80
- gg.#tzdy.cn/logo.gif
- www.ha##23.com/
- gg.#tzdy.cn/count/count.asp
- DNS ASK gg.#tzdy.cn
- DNS ASK www.ha##23.com
- ClassName: 'ScrollBar' WindowName: '54321'
- ClassName: 'ScrollBar' WindowName: '12345'