Техническая информация
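- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ActiveSync' = '%PROGRAM_FILES%\ActiveSync\ActiveSync.exe' (параметр в разделе Run: указанный файл запускается автоматически при входе пользователя в систему)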
- %PROGRAM_FILES%\ActiveSync\ActiveSync.exe
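- <SYSTEM32>\taskkill.exe /f /t /im ActiveSync.exe (командная строка: принудительное завершение процесса ActiveSync.exe вместе с дочерними процессами)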
- %PROGRAM_FILES%\ActiveSync\is-EHO90.tmp
- %PROGRAM_FILES%\ActiveSync\is-9RD0V.tmp
- %PROGRAM_FILES%\ActiveSync\is-VA7GV.tmp
- %TEMP%\is-UHI02.tmp\_isetup\_iscrypt.dll
- %TEMP%\is-FMJJO.tmp\<Имя вируса>.tmp
- %TEMP%\is-UHI02.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-UHI02.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-UHI02.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-FMJJO.tmp\<Имя вируса>.tmp
- %TEMP%\is-UHI02.tmp\_isetup\_iscrypt.dll
- %TEMP%\is-UHI02.tmp\_isetup\_RegDLL.tmp
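- 'un###.vv762.com':88 (сетевой узел и порт; символы ###, по-видимому, заменяют скрытую часть имени, поэтому для точного сопоставления индикатор неполон)
- DNS ASK un###.vv762.com (DNS-запрос для того же имени узла)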
- ClassName: 'XWnd' WindowName: 'MDI'
- ClassName: 'Shell Embedding' WindowName: ''
- ClassName: 'Shell DocObject View' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''