Техническая информация
- %TEMP%\is-LQ5MN.tmp\<Имя вируса>.tmp /SL5="$40036,694932,53248,<Полный путь к вирусу>"
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE Explorer\iexplore.exe http://12#.##4.9.113:8022/Insertbz.aspx?mc#######################################
- %WINDIR%\regedit.exe -s "%PROGRAM_FILES%\staticial\haohao.err"
- <SYSTEM32>\rundll32.exe "%PROGRAM_FILES%\staticial\smes.jel" staticflow
- %PROGRAM_FILES%\staticial\is-TFJBM.tmp
- %PROGRAM_FILES%\staticial\is-BKIKM.tmp
- %PROGRAM_FILES%\staticial\is-K0D85.tmp
- %PROGRAM_FILES%\staticial\unins000.dat
- %PROGRAM_FILES%\staticial\is-G25J0.tmp
- %PROGRAM_FILES%\staticial\is-35RNS.tmp
- %PROGRAM_FILES%\staticial\is-JOL1G.tmp
- %TEMP%\is-N5SFA.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-N5SFA.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-LQ5MN.tmp\<Имя вируса>.tmp
- %PROGRAM_FILES%\staticial\is-SGQJQ.tmp
- %PROGRAM_FILES%\staticial\is-7I90H.tmp
- %PROGRAM_FILES%\staticial\is-BLI2A.tmp
- %TEMP%\is-LQ5MN.tmp\<Имя вируса>.tmp
- %TEMP%\is-N5SFA.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-N5SFA.tmp\_isetup\_RegDLL.tmp
- 'localhost':1036
- ClassName: '' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''