Техническая информация
- [<HKLM>\SOFTWARE\Classes\.com] '' = 'VIRUS ABU_KI$$ 2010'
- [<HKLM>\SOFTWARE\Classes\.pif] '' = 'VIRUS ABU_KI$$ 2010'
- [<HKLM>\SOFTWARE\Classes\.scr] '' = 'VIRUS ABU_KI$$ 2010'
- [<HKLM>\SOFTWARE\Classes\.exe] '' = 'VIRUS ABU_KI$$ 2010'
- [<HKLM>\SOFTWARE\Classes\Applications\iexplore.exe\shell\open\command] '' = 'VIRUS ABU_KI$$ 2010'
- [<HKLM>\SOFTWARE\Classes\.bat] '' = 'VIRUS ABU_KI$$ 2010'
- скрытых файлов
- Диспетчера задач (Taskmgr)
- [<HKCU>\Software\Microsoft\Internet Explorer\Main] 'Window Title' = 'VIRUS ABU_KI$$ 2010'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\send[1].php
- C:\s.bmp
- <Полный путь к вирусу>
- 'me####s.lycos.co.uk':80
- 'localhost':1037
- me####s.lycos.co.uk/vk09/send.php?ma##########################################################
- DNS ASK me####s.lycos.co.uk
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_traywnd' WindowName: ''
- ClassName: 'Progman' WindowName: ''