Техническая информация
- <SYSTEM32>\reg.exe add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v NoBrowserOptions /t REG_DWORD /d 1
- <SYSTEM32>\reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v AutoConfigURL /t REG_MULTI_SZ /d http://a1######.worknovodomain.com/
- <SYSTEM32>\taskkill.exe /F /IM firefox.exe
- <SYSTEM32>\reg.exe add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v Proxy /t REG_DWORD /d 1
- <SYSTEM32>\reg.exe add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel"
- <SYSTEM32>\reg.exe add "HKCU\Software\Policies\Microsoft\Internet Explorer"
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://www.10####agen-biel.ch/frame/var/html/ACCESS.PHP
- firefox.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\a1b2c3d4.worknovodomain[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ACCESS[1].PHP
- <Текущая директория>\85uij8g56732
- <Текущая директория>\58uijf58ti712
- <Текущая директория>\58uijf58ti712
- <Текущая директория>\85uij8g56732
- 'www.10####agen-biel.ch':80
- 'a1######.worknovodomain.com':80
- 'localhost':1035
- www.10####agen-biel.ch/frame/var/html/ACCESS.PHP
- a1######.worknovodomain.com/
- DNS ASK www.10####agen-biel.ch
- DNS ASK a1######.worknovodomain.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''