Техническая информация
- '<SYSTEM32>\reg.exe' add "HKEY_USERS\S-1-5-21-2025429265-790525478-839522115-1003\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d "http://www.r2###soft.ir" /f
- '<SYSTEM32>\cmd.exe' /c reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sheed A.V." /v "InstallLocation"
- '<SYSTEM32>\reg.exe' query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sheed A.V." /v "InstallLocation"
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\2851.bat" <Полный путь к вирусу>"
- '<SYSTEM32>\reg.exe' add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d "http://www.r2###soft.ir" /f
- '<SYSTEM32>\reg.exe' add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d "http://www.r2###soft.ir" /f
- %TEMP%\2851.bat
- %TEMP%\2851.bat