Техническая информация
- %WINDIR%\regedit.exe /s %WINDIR%\Globber.Reg
- <SYSTEM32>\cmd.exe /c ""<Текущая директория>\Globber.cmd ""
- %WINDIR%\regedit.exe /s %WINDIR%\GlobberReg
- <SYSTEM32>\regsvr32.exe /s "%PROGRAM_FILES%\real\realplayer\rpshell32.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\linepen[1].js
- %PROGRAM_FILES%\real\realplayer\rpshell32.dll
- <Текущая директория>\Globber.cmd
- %PROGRAM_FILES%\real\realplayer\realUpdateNT.exe
- %WINDIR%\Globber.Reg
- %PROGRAM_FILES%\real\realplayer\acpi.vxd
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\color[1].js
- %WINDIR%\system\<Имя вируса>.exe
- <Текущая директория>\Globber.cmd
- %WINDIR%\system\<Имя вируса>.exe
- %WINDIR%\Globber.Reg
- 'fo####oreira.com.br':80
- 'localhost':1035
- fo####oreira.com.br/linepen.js
- fo####oreira.com.br/color.js
- DNS ASK fo####oreira.com.br
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'AlphaEx' WindowName: ''