Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '376fb9f8568536eabb31054f2619a7be' = '"%HOMEPATH%\IEXPLORER.EXE" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '376fb9f8568536eabb31054f2619a7be' = '"%HOMEPATH%\IEXPLORER.EXE" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\376fb9f8568536eabb31054f2619a7be.exe
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%HOMEPATH%\IEXPLORER.EXE' = '%HOMEPATH%\IEXPLORER.EXE:*:Enabled:IEXPLO...
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%HOMEPATH%\IEXPLORER.EXE" "IEXPLORER.EXE" ENABLE
- %HOMEPATH%\IEXPLORER.EXE
- %HOMEPATH%:{4D006C00-6500-6600-4A00-7A0049007200}
- <Текущая директория>:{4D006C00-6500-6600-4A00-7A0049007200}
- %ALLUSERSPROFILE%\Application Data\Isolated Storage\{4D006C00-6500-6600-4A00-7A0049007200}
- 'eh###0.ddns.net':5552
- DNS ASK eh###0.ddns.net
- '%HOMEPATH%\IEXPLORER.EXE'