Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'win3298' = 'c:\MemoryStream.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'win3298' = 'C:\Documents and Settings\aitnetgod.exe'
- 'C:\Documents and Settings\aitnetgod.exe'
- 'C:\Documents and Settings\aitnetgod.exe' Йѕc:\MemoryStream.exe
- 'C:\MemoryStream.exe' Йѕ<Полный путь к вирусу>
- 'C:\MemoryStream.exe'
- %WINDIR%\win32.btlq
- C:\Documents and Settings\aitnetgod.exe
- C:\Documents and Settings\xvidcore.dll
- C:\Documents and Settings\aitnetgod.chm
- C:\MemoryStream.exe
- C:\xvidcore.dll
- C:\MemoryStream.exe
- DNS ASK yo##6.com
- 'yo##6.com':58888
- '11#.#11.111.11':11111
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''