Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Shell' = 'explorer.exe <Имя вируса>.exe'
- %WINDIR%\Media\Windows XP Start.wav
- 'localhost':80
- 'localhost':1035
- localhost/Site/Moji_hunter/Red-ReMoTe-beR/ReMoTe.txt
- ClassName: 'tloginform' WindowName: ''
- ClassName: 'ttbxtoolwindow' WindowName: ''
- ClassName: 'syslistview32' WindowName: ''
- ClassName: 'tapplication' WindowName: ''
- ClassName: 'tmainform' WindowName: ''
- ClassName: 'tlistview' WindowName: ''
- ClassName: 'tcombobox' WindowName: ''
- ClassName: 'tedit' WindowName: ''
- ClassName: 'YahooBuddyMain' WindowName: ''
- ClassName: '' WindowName: 'YLoginWnd'
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'ytopwindow' WindowName: ''
- ClassName: 'atl:007bf380' WindowName: ''
- ClassName: 'Notepad' WindowName: ''
- ClassName: 'Edit' WindowName: ''