Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\MsSecurity1.203.2] 'ImagePath' = '%WINDIR%\<Имя вируса>.exe service'
- [<HKLM>\SYSTEM\ControlSet001\Services\MsSecurity1.203.2] 'Start' = '00000002'
- %WINDIR%\Temp\tmp1.tmp
- %WINDIR%\Temp\tmp2.tmp
- %WINDIR%\mscon.vga
- %WINDIR%\conlex.eom
- %WINDIR%\<Имя вируса>.exe
- %WINDIR%\mscon.vga
- %WINDIR%\conlex.eom
- %WINDIR%\Temp\tmp2.tmp
- %WINDIR%\Temp\tmp1.tmp
- 'my##ube.org':80
- http://my###be.org:80/files.php?ui########################################### via my##ube.org
- DNS ASK my##ube.org