Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{316D927-ECE3-5AB7-787A-3D35714C2}] 'StubPath' = '%TEMP%\activex.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = '<Полный путь к вирусу>'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '' = 'C:\Users\JSM\AppData\Roaming\DDoser'
- Компонент восстановления системы (SR)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\H0JK3MSO\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\CLSHKLWB\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\WHA3G1M7\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\8HIVC5MJ\desktop.ini
- %TEMP%\dw.log
- %TEMP%\activex.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
- %TEMP%\21B00.dmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\8HIVC5MJ\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\WHA3G1M7\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\CLSHKLWB\desktop.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\H0JK3MSO\desktop.ini
- 'sm##.live.com':587
- DNS ASK sm##.live.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''