Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ati] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- 'C:\Documents and Settings\aitnetgod.exe'
- 'C:\Documents and Settings\aitnetgod.exe' js
- 'C:\Documents and Settings\aitnetgod.exe' js2
- '%WINDIR%\<Имя вируса>.exe'
- 'C:\Documents and Settings\ck0aitnetgod.exe'
- 'C:\Documents and Settings\WINaitnetgod.exe'
- '<SYSTEM32>\rundll32.exe' <SYSTEM32>\shimgvw.dll,ImageView_Fullscreen %WINDIR%\<Имя вируса>.jpg
- %HOMEPATH%\Recent\<Имя вируса>.lnk
- C:\Documents and Settings\aitnetgod.exe
- C:\Documents and Settings\WIN_cke.txt
- %HOMEPATH%\Recent\WINDOWS.lnk
- C:\Documents and Settings\ck0aitnetgod.exe
- C:\Documents and Settings\xvidcore.dll
- %WINDIR%\<Имя вируса>.jpg
- %WINDIR%\<Имя вируса>.exe
- %WINDIR%\win32.btlq
- C:\Documents and Settings\WINaitnetgod.exe
- C:\Documents and Settings\aitnetgod.chm
- C:\Documents and Settings\WIN_cke.txt
- %WINDIR%\<Имя вируса>.exe
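- DNS ASK yo##6.com (символы «#» здесь и в адресах ниже, по-видимому, скрывают часть имени узла и IP-адреса в исходном отчёте)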
- '11#.#11.111.11':11111
- 'yo##6.com':58888
- ClassName: '(null)' WindowName: 'js2'
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: '(null)' WindowName: 'js'
- ClassName: 'ShImgVw:CPreviewWnd' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'