Техническая информация
- [<HKLM>\SOFTWARE\Classes\.NewIE0\shell\open\command] '' = 'IEXPLORE.EXE '
- [<HKLM>\SOFTWARE\Classes\.NewIE\shell\open\command] '' = 'IEXPLORE.EXE http://www.369163.com'
- расширений файлов
- %WINDIR%\1059\spring.jpg 1424
- %WINDIR%\1059\mone.jpg
- %WINDIR%\1059\women.jpg <Полный путь к вирусу>===
- %WINDIR%\regedit.exe /s "%WINDIR%\1059\jia.reg"
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://bb#.#ao122.info/get.asp?ma#################################################################################################################
- %WINDIR%\1059\jia.reg
- %WINDIR%\1059\Sunset.jpg
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.NewIE
- %WINDIR%\1059\mone.jpg
- %WINDIR%\1059\spring.jpg
- %WINDIR%\1059\winner.jpg
- %HOMEPATH%\Start Menu\Internet Explorer.NewIE
- %HOMEPATH%\Start Menu\.NewIE0
- %HOMEPATH%\Desktop\.NewIE0
- %HOMEPATH%\Start Menu\Programs\.NewIE0
- %HOMEPATH%\Desktop\Internet Explorer.NewIE
- %HOMEPATH%\Start Menu\Programs\Internet Explorer.NewIE
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\.NewIE0
- %WINDIR%\1059\5.ico
- %WINDIR%\1059\6.ico
- %WINDIR%\1059\7.ico
- %WINDIR%\1059\2.ico
- %WINDIR%\1059\3.ico
- %WINDIR%\1059\4.ico
- %WINDIR%\1059\8.ico
- %WINDIR%\1059\17.ico
- %WINDIR%\1059\13.ico
- %WINDIR%\1059\women.jpg
- %WINDIR%\1059\9.ico
- %WINDIR%\1059\10.ico
- %WINDIR%\1059\11.ico
- ClassName: '' WindowName: ''