Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'tasklist32.exe' = '<SYSTEM32>\tasklist32.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\divulgasite[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\2010[1].php
- <SYSTEM32>\tasklist32.exe
- <Полный путь к вирусу>
- 'di###gasite.net':80
- 'dr####os.fh50.com':80
- 'localhost':1035
- di###gasite.net/
- dr####os.fh50.com/2010.php
- DNS ASK di###gasite.net
- DNS ASK dr####os.fh50.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'Utilit?rio de configura??o do sistema'
- ClassName: '' WindowName: 'Gerenciador de tarefas do Windows'
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'