Техническая информация
- %PROGRAM_FILES%\Windows NT\Accessories\wordpadq.exe %WINDIR%\inf\flashq.ocx OPIEModuleMain
- %WINDIR%\regedit.exe /s %PROGRAM_FILES%\Internet Explorer\2.reg
- %PROGRAM_FILES%\Internet Explorer\2.reg
- %PROGRAM_FILES%\Windows NT\Accessories\wordpadq.exe
- %PROGRAM_FILES%\wiEVGfackNOD32Pps.temp
- %PROGRAM_FILES%\Internet Explorer\2.reg
- из <Полный путь к вирусу> в %WINDIR%\svch0st1.exe
- 'la#####2011.3322.org':8786
- DNS ASK la#####2011.3322.org
- '<IP-адрес в локальной сети>':1034
- ClassName: 'RegEdit_RegEdit' WindowName: ''