Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Borujerd VIRUS' = '<Полный путь к вирусу>'
- ClassName: '' WindowName: 'Yahoo! Messenger'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\fr.yahoo[1]
- %WINDIR%\services.exe
- %WINDIR%\services.exe
- '67.##5.160.76':80
- 'localhost':1035
- 67.##5.160.76/_ylt=An5amFd._6pLicVBlTHjvtmhVM8F;_ylv=9/SIG=13qb3bldi/**http%3A//edit.europe.yahoo.com/config/login%3Flogout=1%26.src=yfp%26.intl=fr%26.direct=2%26.done=http%3A//fr.yahoo.com/
- DNS ASK fr.##hoo.com
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'YahooBuddyMain' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: '&Sign In'
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''