Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Explorer.exe] 'Debugger' = '<SYSTEM32>\<Имя вируса>.exe'
- %WINDIR%\<Имя вируса>.exe
- %WINDIR%\Explorer.EXE
- ClassName: 'AVP.Product_Notification' WindowName: ''
- ClassName: 'AVP.AlertDialog' WindowName: ''
- %APPDATA%\Cuckoo\windows2.log
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\update[1].txt
- %TEMP%\update2.log
- %WINDIR%\KB918225.log
- %WINDIR%\<Имя вируса>.exe
- <SYSTEM32>\<Имя вируса>.exe
- %APPDATA%\Cuckoo\Host.dat
- %WINDIR%\KB918225.log
- %WINDIR%\<Имя вируса>.exe
- %APPDATA%\Cuckoo\Host.dat
- 'up.#izmd.cn':80
- 'localhost':1035
- up.#izmd.cn/software/update.txt
- DNS ASK up.#izmd.cn
- ClassName: '#32770' WindowName: 'McAfee Personal Firewall Plus ????'
- ClassName: '###McAlertWindow###' WindowName: ''
- ClassName: '#32770' WindowName: '??????????????????'
- ClassName: '#32770' WindowName: 'VirusScan ??????????????'
- ClassName: '#32770' WindowName: '??????????'
- ClassName: 'Afx:400000:0' WindowName: ''
- ClassName: '#32770' WindowName: '???????? - ????????????????'
- ClassName: '#32770' WindowName: 'IE????'