Техническая информация
- %PROGRAM_FILES%\ComPlus Applications\5745\takesoft.exe <Полный путь к вирусу>===
- %WINDIR%\regedit.exe /s "%PROGRAM_FILES%\ComPlus Applications\5745\test.reg"
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://www.ku##89.com/tongji/get.asp?ma########################################################
- <SYSTEM32>\taskkill.exe /f /im ZhuDongFangyu.exe
- %WINDIR%\regedit.exe
- %PROGRAM_FILES%\ComPlus Applications\5745\8.ico
- %PROGRAM_FILES%\ComPlus Applications\5745\7.ico
- %PROGRAM_FILES%\ComPlus Applications\5745\9.ico
- %PROGRAM_FILES%\ComPlus Applications\5745\test.reg
- %PROGRAM_FILES%\ComPlus Applications\5745\10.ico
- %PROGRAM_FILES%\ComPlus Applications\5745\6.ico
- %PROGRAM_FILES%\ComPlus Applications\5745\2.ico
- %PROGRAM_FILES%\ComPlus Applications\5745\takesoft.exe
- %PROGRAM_FILES%\ComPlus Applications\5745\3.ico
- %PROGRAM_FILES%\ComPlus Applications\5745\5.ico
- %PROGRAM_FILES%\ComPlus Applications\5745\4.ico
- ClassName: '' WindowName: ''