Техническая информация
- [<HKLM>\SOFTWARE\Classes\lnkfile\shell\open\command] '' = '"%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE" http://www.budazi.com/'
- [<HKLM>\SOFTWARE\Classes\Folder\shell\open\command] '' = ''
- %WINDIR%\regedit.exe /s "%TEMP%\TempIE.reg"
- <SYSTEM32>\rundll32.exe advpack.dll,DelNodeRunDLL32 %HOMEPATH%\Start Menu\Programs\Internet Explorer.lnk
- <SYSTEM32>\taskkill.exe /f /im ZhuDongFangyu.exe
- %HOMEPATH%\Desktop\Internat Explorer.dll
- %PROGRAM_FILES%\Internat Explorer.url
- %TEMP%\TempIE.reg
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internat Explorer.dll
- %HOMEPATH%\Start Menu\Internat Explorer.ico
- C:\RegTemp.txt
- C:\Internat Explorer.url
- %HOMEPATH%\Start Menu\Programs\Internat Explorer.ico
- C:\RegTemp.txt
- ClassName: 'SHELLDLL_DefView' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- ClassName: 'Progman' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''