Техническая информация
- <SYSTEM32>\<Имя вируса>.exe
- <SYSTEM32>\lsass32.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\nowayfake3[1].txt
- <SYSTEM32>\wincontrol.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\nowaysys3[1].txt
- <SYSTEM32>\<Имя вируса>.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\nowayfake[1].txt
- <SYSTEM32>\ccsys_control.dll
- <SYSTEM32>\<Имя вируса>.exe
- 'www.y9##.com':80
- www.y9##.com/vol/red/nowayfake3.txt
- www.y9##.com/vol/red/nowaysys3.txt
- www.y9##.com/vol/red/nowayfake.txt
- DNS ASK www.y9##.com
- ClassName: '#32770' WindowName: '????????????'
- ClassName: '' WindowName: '???????????? KV2004??????????'
- ClassName: 'TForm1' WindowName: ''
- ClassName: 'Tapplication' WindowName: '????????????????'
- ClassName: 'KVXP_Monitor' WindowName: '???????????? ??????????'
- ClassName: '' WindowName: 'Symantec AntiVirus ??????'
- ClassName: '#32770' WindowName: '????????????????????'
- ClassName: '#32770' WindowName: '????????'
- ClassName: '' WindowName: 'Symantec AntiVirus'