Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'msseces' = '{7BDC5203-79CE-4A27-87DB-2FED16866E71}'
- %WINDIR%\explorer.exe
- %WINDIR%\Explorer.EXE
- C:\ProgramData\Java\jre6\bin\jcfg.pdb
- C:\ProgramData\Java\jre6\bin\readme.txt
- C:\ProgramData\Java\jre6\bin\jwdeploy.dll
- C:\ProgramData\Java\jre6\bin\readme.txt
- %TEMP%\qqw2.tmp
- %TEMP%\qqw1.tmp
- из <Полный путь к вирусу> в <Текущая директория>\err_3_244_1998166001_32.pdb
- ClassName: 'SunAwtDialog' WindowName: '??i? ? ???????'
- ClassName: 'SunAwtDialog' WindowName: '???? ? ???????'
- ClassName: 'SunAwtFrame' WindowName: '??i? ? ???????'
- ClassName: 'SunAwtFrame' WindowName: '???? ? ???????'