Техническая информация
- [<HKLM>\SOFTWARE\Classes\CLSID\{86AEFBE8-763F-0647-899C-A93278894D8E}\Shell\Open\Command] '' = '%PROGRAM_FILES%\Internet Explorer\iexplore.exe http://www.dh818.com/?29'
- %WINDIR%\regedit.exe /S "<SYSTEM32>\xx_dh.reg"
- %TEMP%\nsh2.tmp\System.dll
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Жф¶Ї Internet Explorer дЇААЖч.lnk
- <SYSTEM32>\xx_dh.reg
- %TEMP%\nsh2.tmp\ShellLink.dll
- %TEMP%\nsh2.tmp\System.dll
- %TEMP%\nsh2.tmp\ShellLink.dll
- ClassName: 'RegEdit_RegEdit' WindowName: ''