Техническая информация
- [<HKLM>\SOFTWARE\Classes\htnw File\shell\open\command] '' = '%PROGRAM_FILES%\nog\Dialers\Lisa\Lisa.exe %1'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Lisa' = '%PROGRAM_FILES%\nog\Dialers\Lisa\Lisa.exe /dontdial '
- %PROGRAM_FILES%\nog\dialers\lisa\lisa.exe -kill <Полный путь к вирусу> /install
- ClassName: 'AOL Frame25' WindowName: ''
- %HOMEPATH%\Desktop\Lisa.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\hardcoresource[1].ima
- %HOMEPATH%\Start Menu\Programs\Lisa.lnk
- %PROGRAM_FILES%\nog\dialers\lisa\lisa.exe
- %HOMEPATH%\Start Menu\Lisa.lnk
- 'w.######ejtudlk-dfjkeid.com':80
- 'www.kj#####ieldiouyu.com':80
- 'localhost':1036
- w.######ejtudlk-dfjkeid.com/wk/getclientid.wnk?sr#################################################################################################################
- www.kj#####ieldiouyu.com/anet/hardcoresource.ima?pi##############################################
- DNS ASK w.######ejtudlk-dfjkeid.com
- DNS ASK www.kj#####ieldiouyu.com
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'LISA' WindowName: 'Lisa'
- ClassName: '' WindowName: 'Lisa'
- ClassName: 'Shell_TrayWnd' WindowName: ''