Техническая информация
- '%TEMP%\is-VC92Q.tmp\inst.exe'
- '%TEMP%\is-LG27M.tmp\<Имя вируса>.tmp' /SL5="$30092,14081427,54272,<Полный путь к вирусу>"
- '<SYSTEM32>\ping.exe' 127.1 -n 3
- %PROGRAM_FILES%\Internet Explorer.lnk
- %PROGRAM_FILES%\淘宝导购.lnk
- %HOMEPATH%\Favorites\淘宝导购.url
- %HOMEPATH%\Favorites\网址大全.url
- %ALLUSERSPROFILE%\Start Menu\网址大全.lnk
- %PROGRAM_FILES%\启动 IE 浏览器.lnk
- %PROGRAM_FILES%\网址大全.lnk
- %ALLUSERSPROFILE%\Start Menu\淘宝导购.lnk
- %TEMP%\is-VC92Q.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-VC92Q.tmp\isskin.dll
- %TEMP%\is-LG27M.tmp\<Имя вируса>.tmp
- %TEMP%\is-VC92Q.tmp\_isetup\_RegDLL.tmp
- %TEMP%\aut1.tmp
- %WINDIR%\taobao.ico
- %TEMP%\is-VC92Q.tmp\MacOS.cjstyles
- %TEMP%\is-VC92Q.tmp\inst.exe
- %ALLUSERSPROFILE%\Desktop\Internet Explorer.lnk
- %TEMP%\is-VC92Q.tmp\inst.exe
- %TEMP%\aut1.tmp
- %PROGRAM_FILES%\网址大全.lnk в %ALLUSERSPROFILE%\Desktop\网址大全.lnk
- %PROGRAM_FILES%\启动 IE 浏览器.lnk в %APPDATA%\Microsoft\Internet Explorer\Quick Launch\启动 IE 浏览器.lnk
- %PROGRAM_FILES%\Internet Explorer.lnk в %ALLUSERSPROFILE%\Desktop\Internet Explorer.lnk
- %PROGRAM_FILES%\淘宝导购.lnk в %ALLUSERSPROFILE%\Desktop\淘宝导购.lnk
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'