Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'DesktopConfig2' = '<Полный путь к вирусу>'
- %TEMP%\Qixi2010Setup.exe
- %TEMP%\Qixi2010Setup.exe (загружен из сети Интернет)
- %TEMP%\Qixi2010Setup.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\reg_cookie[1].jsp
- 'www.qi##55.com':80
- www.qi##55.com/interface/reg_cookie.jsp?ad##########################################################################################
- DNS ASK www.qi##55.com
- ClassName: 'Button' WindowName: '???(&N) >'
- ClassName: '#32770' WindowName: '?????? 2010Beta1 ??'