Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svchost' = '<Полный путь к вирусу>'
- <SYSTEM32>\netsh.exe firewall add allowedprogram "A;Qgf>0l;`=R`;4=nd54(eug'*ysoglsv'hrj'HECGFO
- %WINDIR%\TVICCOMM.VXD
- %WINDIR%\TVicCommSpy.ocx
- %WINDIR%\TVicComm.sys
- %WINDIR%\SETUP_9X.INF
- %WINDIR%\SETUP_NT.INF
- 'di####o.no-ip.org':1945
- DNS ASK di####o.no-ip.org
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'TWMHprincipal' WindowName: ''