Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Internet Explorer\Extensions\{ABCDEfef-1234-2134-7980-213421423401}] 'Exec' = 'http://%77%77%77%2E%71%71%35%2E%63%6F%6D'
- [<HKLM>\SOFTWARE\Classes\file\shell\open\command] '' = '"%ProgramFiles%\Internet Explorer\IEXPLORE.EXE" -nohome'
- [<HKLM>\SOFTWARE\Classes\ftp\shell\open\command] '' = '"%ProgramFiles%\Internet Explorer\IEXPLORE.EXE" -nohome'
- [<HKLM>\SOFTWARE\Classes\HTTP\shell\open\command] '' = '"%ProgramFiles%\Internet Explorer\IEXPLORE.EXE" -nohome'
- [<HKLM>\SOFTWARE\Classes\mhtmlfile\shell\open\command] '' = '"%ProgramFiles%\Internet Explorer\IEXPLORE.EXE" -nohome'
- [<HKLM>\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] '' = '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE'
- [<HKLM>\SOFTWARE\Classes\https\shell\open\command] '' = '"%ProgramFiles%\Internet Explorer\IEXPLORE.EXE" -nohome'
- [<HKLM>\SOFTWARE\Classes\htmlfile\shell\open\command] '' = '"%ProgramFiles%\Internet Explorer\IEXPLORE.EXE" -nohome'
- %TEMP%\aut1.tmp
- <SYSTEM32>\HOME.ico
- %TEMP%\IE.reg
- %TEMP%\aut1.tmp
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- '%WINDIR%\regedit.exe' /S %TEMP%\IE.reg