Техническая информация
- Автозапуск через ключ реестра Run: [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ActiveSync' = '%PROGRAM_FILES%\ActiveSync\ActiveSync.exe'
- %PROGRAM_FILES%\ActiveSync\ActiveSync.exe
- <SYSTEM32>\taskkill.exe /f /t /im ActiveSync.exe (принудительное завершение процесса ActiveSync.exe вместе с дочерними процессами)
- %PROGRAM_FILES%\ActiveSync\is-LRJ2J.tmp
- %PROGRAM_FILES%\ActiveSync\is-29VIE.tmp
- %PROGRAM_FILES%\ActiveSync\is-J7IVR.tmp
- %TEMP%\is-SUKU3.tmp\_isetup\_iscrypt.dll
- %TEMP%\is-07K6E.tmp\<Имя вируса>.tmp
- %TEMP%\is-SUKU3.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-SUKU3.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-SUKU3.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-07K6E.tmp\<Имя вируса>.tmp
- %TEMP%\is-SUKU3.tmp\_isetup\_iscrypt.dll
- %TEMP%\is-SUKU3.tmp\_isetup\_RegDLL.tmp
- Сетевое соединение (хост и порт): 'un###.vv762.com':88
- DNS-запрос (DNS ASK): un###.vv762.com
- ClassName: 'XWnd' WindowName: 'MDI'
- ClassName: 'Shell Embedding' WindowName: ''
- ClassName: 'Shell DocObject View' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''