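Техническая информация
Ниже перечислены командные строки процессов, пути к файлам и класс окна, относящиеся к данному образцу. Судя по командам reg.exe, в пространстве имён рабочего стола регистрируется объект {A10AFF8B-F60D-4E71-89A0-522EAF8B676E} с именем «Internet Explorer» и значком iexplore.exe, команда контекстного меню которого запускает iexplore.exe с адресом www.18##g.com, а значок с CLSID {871C5380-42A0-1069-A2EA-08002B30309D} скрывается через параметр в HideDesktopIcons\NewStartPanel.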
- '%WINDIR%\<Имя вируса>.exe'
- '<SYSTEM32>\reg.exe' add "HKEY_CLASSES_ROOT\CLSID\{A10AFF8B-F60D-4E71-89A0-522EAF8B676E}\DefaultIcon" /ve /d "%PROGRAM_FILES%\internet explorer\iexplore.exe" /f
- '<SYSTEM32>\reg.exe' add "HKEY_CLASSES_ROOT\CLSID\{A10AFF8B-F60D-4E71-89A0-522EAF8B676E}" /ve /d "Internet Explorer" /f
- '<SYSTEM32>\reg.exe' add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{A10AFF8B-F60D-4E71-89A0-522EAF8B676E}" /ve /d "Internet Explorer" /f
- '<SYSTEM32>\reg.exe' add "HKEY_CLASSES_ROOT\CLSID\{A10AFF8B-F60D-4E71-89A0-522EAF8B676E}\ShellFolder" /v "Attributes" /t REG_DWORD /d 00000089 /f
- '<SYSTEM32>\reg.exe' add "HKEY_CLASSES_ROOT\CLSID\{A10AFF8B-F60D-4E71-89A0-522EAF8B676E}\Shell\????(&H)\Command" /ve /d "%PROGRAM_FILES%\internet explorer\iexplore.exe www.18##g.com" /f
- '<SYSTEM32>\reg.exe' add "HKEY_CLASSES_ROOT\CLSID\{A10AFF8B-F60D-4E71-89A0-522EAF8B676E}\Shell\????(&H)" /ve /d "????(&H)" /f
- '<SYSTEM32>\ping.exe' 127.1
- '<SYSTEM32>\ping.exe' -a 127.1
- '<SYSTEM32>\cmd.exe' /c %TEMP%\\nResurrection.bat
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{871C5380-42A0-1069-A2EA-08002B30309D}" /t REG_DWORD /d "00000001" /f
- '<SYSTEM32>\cmd.exe' /c %TEMP%\\SetupShortcut.bat
- '<SYSTEM32>\cmd.exe' /c %TEMP%\\CopyAndDelete.bat
- %HOMEPATH%\Desktop\Internet Explorer.lnk
- %TEMP%\SetupShortcut.bat
- %TEMP%\CopyAndDelete.bat
- %TEMP%\nResurrection.bat
- %WINDIR%\<Имя вируса>.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''