Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'runit32' = '{DDEE0000-0000-0000-0000-101010101010}'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\uinfo[1].php
- <SYSTEM32>\runit32.dll
- 'ba##sms.ru':80
- ba##sms.ru/uinfo.php?id#####
- DNS ASK ba##sms.ru
- ClassName: 'Shell_TrayWnd' WindowName: ''