Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MS AntiSpyware 2009' = '"<Полный путь к вирусу>" /autorun'
- [<HKCU>\Software\Microsoft\MessengerService]
- %ALLUSERSPROFILE%\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\LOG\20121023011315453.log
- 'in#.###roreport2.com':80
- 'in#.###roreport1.com':80
- in#.###roreport2.com/stat.php?fu################################################
- in#.###roreport2.com/stat.php?fu#####
- in#.###roreport1.com/stat.php?fu#####
- DNS ASK in#.###roreport2.com
- DNS ASK in#.###roreport1.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'msctls_updown32' WindowName: ''
- ClassName: 'TMainForm' WindowName: 'MS AntiSpyware 2009'
- ClassName: 'Shell_TrayWnd' WindowName: ''