Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6096E38F-5AC1-4391-8EC4-75DFA92FB32F}] 'Exec' = 'http://www.44-5.cn'
- [<HKLM>\SOFTWARE\Classes\CLSID\{98745625-1234-1234-1234-1234567890AB}\Shell\Open\Command] '' = '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://www.44-5.cn/'
- %WINDIR%\regedit.exe /S <SYSTEM32>\wmpui.bat
- %WINDIR%\regedit.exe /S <SYSTEM32>\wmpui.reg
- <SYSTEM32>\attrib.exe -h -s -r -a "%HOMEPATH%\╫└├ц\Internet Explorer.lnk"
- <SYSTEM32>\cmd.exe /c <SYSTEM32>\wmpui.bat
- %WINDIR%\regedit.exe /s wmpui.reg
- <SYSTEM32>\Internet Explorer.lnk
- <SYSTEM32>\ПФКѕЧАГж.scf
- %CommonProgramFiles%\baidu.htm
- <SYSTEM32>\baidu.htm
- <SYSTEM32>\wmpui.reg
- <SYSTEM32>\wmpui.ico
- <SYSTEM32>\wmpui.bat
- <SYSTEM32>\wmpui.reg
- ClassName: 'RegEdit_RegEdit' WindowName: ''