Код:
Разделы реестра: 11
Backdoor.IRCBot, HKLM\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{08B0E5C0-4FCB-11CF-AAX5-90401C608512}, , [98ce154cd8c17db9a1218605d1315fa1],
Backdoor.IRCBot, HKU\S-1-5-21-1334421162-2280587665-950272466-1156\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{08B0E5C0-4FCB-11CF-AAX5-90401C608512}, , [98ce154cd8c17db9a1218605d1315fa1],
Worm.AutoRun, HKLM\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{18B0E5C2-99CB-11CF-AXX5-00401C648513}, , [392d7be6623747efa2600096d2305aa6],
Worm.AutoRun, HKU\S-1-5-21-1334421162-2280587665-950272466-1156\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{18B0E5C2-99CB-11CF-AXX5-00401C648513}, , [392d7be6623747efa2600096d2305aa6],
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}, , [5412154cdfbad26423f5c4cad03236ca],
Trojan.Agent, HKU\S-1-5-21-1334421162-2280587665-950272466-1156\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}, , [5412154cdfbad26423f5c4cad03236ca],
Backdoor.Bifrose, HKLM\SOFTWARE\System32, , [382e530e04953600c46b3635996a926e],
Worm.AutoRun, HKLM\SOFTWARE\MICROSOFT\DRM\amty, , [4521fe637b1e023482e47e950301f907],
Backdoor.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\MINIMAL\dllcache, , [8cdae47dd0c9b1850cab6cffe91ad22e],
Backdoor.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\NETWORK\dllcache, , [372f362b88112b0bd3fa313ae32044bc],
Backdoor.Bot, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\sysdrv32, , [2145b7aa475294a23b335519d13206fa],
Значения реестра: 2
Hijack.FolderOptions, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NoFolderOptions, 1, , [3036253cf8a187af28082d2d2ad93dc3]
Trojan.Agent, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Tok-Cirrhatus, "C:\Documents and Settings\V55555\Local Settings\Application Data\smss.exe", , [640272ef8d0c1224bb982ff351b2847c]
Данные реестра: 4
PUM.Optional.DisableRegistryTools, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|DisableRegistryTools, 1, Хорошо: (0), Плохо: (1),,[d195e57c3b5e67cfc7198d5c1be9ca36]
Папки: 23
Trojan.Agent, C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013, , [26403d24a2f7cc6ab8f5ecc8976b34cc],
Backdoor.IRCBot, C:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013, , [baaca7ba2a6f63d3cdec496b3fc30ff1],
Worm.Brontok, C:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-12-29, , [3e2818490099c76fd82c714589793ec2],
Worm.Brontok, C:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-12-4, , [5a0cc79a5e3b88ae8381e5d1d0326f91],
Worm.Brontok, C:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-12-5, , [d3934c151c7d2115ea1a377fab57817f],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-1, , [4b1b3d24455459dd7c8831857f83e917],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-15, , [0363035e4c4d72c4e91b8a2c36cc48b8],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-16, , [9fc75110e0b9261041c30fa742c041bf],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-17, , [2b3badb4e4b562d44eb60bab9a68e21e],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-20, , [baac7be601983df939cbf8beb34f06fa],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-21, , [80e6065bbddc11257d876452eb179967],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-22, , [f571f36e9207d85e3aca3b7b2bd70000],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-23, , [c89e451c5f3a1323eb19417531d1a45c],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-24, , [dd891a474356b77f679dbcfa39c9dd23],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-27, , [4e187be63465a98df4102d89e121d12f],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-28, , [8cda075a029778be9a6abef8fe04b64a],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-29, , [adb97be6bddc04324fb5358116ec718f],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-30, , [da8c431e7c1d4beb0ff5744244bed828],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-4, , [3036451c51483105dc280ea8f60cc53b],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-5, , [4c1a431ecacfdc5ae2229e1830d2936d],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-6, , [6cfaa5bc91086dc932d23c7a24de916f],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\Bron.tok-12-7, , [3d29f56cb0e92016b74d7640fd054cb4],
Worm.Brontok, C:\Documents and Settings\Администратор\Local Settings\Application Data\Bron.tok-12-7, , [e581075a6f2ac5715aaa09ad57ab1ce4],
Файлы: 9
Trojan.Agent.Drop, C:\Documents and Settings\01_Filimonova_old\Local Settings\Temp\RarSFX1\hidcon.exe, , [4b1bda87badfd95dcd047fdb56ac7a86],
Worm.Brontok, C:\Documents and Settings\V55555\Local Settings\Application Data\inetinfo.exe, , [40267ae70198e84edbc5af9f71926e92],
Trojan.Agent.Trace, C:\WINDOWS\ufdata2000.log, , [a4c29ac78316f4426067a086d92b27d9],