Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] '{5D06580A-08EB-4DD0-8425-DDBB5198B30C}' = ''
- %PROGRAM_FILES%\Internet Explorer\PLUGINS\CDown.sys
- %PROGRAM_FILES%\Internet Explorer\PLUGINS\CDown.dll
- %PROGRAM_FILES%\Internet Explorer\PLUGINS\CDown.dll
- <DRIVERS>\etc\hosts
- 'do##.doups.cn':80
- do##.doups.cn/ad.jpg
- DNS ASK do##.doups.cn
- ClassName: 'ListBox' WindowName: 'CDownDll'
- ClassName: 'ListBox' WindowName: 'CDownExe'