Техническая информация
- [<HKLM>\SOFTWARE\Classes\JSEFileMMC\Shell\Open\Command] '' = ''
- '%TEMP%\is-C3VAD.tmp\<Имя вируса>.tmp' /SL5="$30092,65197,54272,<Полный путь к вирусу>"
- '<SYSTEM32>\wscript.exe' "%HOMEPATH%\Templates\Sec360.jse"
- %PROGRAM_FILES%\NetMeeting\tt.ico
- %TEMP%\is-TCR9F.tmp\Sec360.jse
- %HOMEPATH%\Templates\Sec360.jse
- %TEMP%\is-TCR9F.tmp\tt.ico
- %TEMP%\is-C3VAD.tmp\<Имя вируса>.tmp
- %TEMP%\is-TCR9F.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-TCR9F.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-TCR9F.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-C3VAD.tmp\<Имя вируса>.tmp
- %TEMP%\is-TCR9F.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-TCR9F.tmp\Sec360.jse
- %TEMP%\is-TCR9F.tmp\tt.ico
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'