Техническая информация
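Запускает на исполнение (первая команда экспортирует ветку реестра HKEY_CURRENT_USER\Software\GbPlugin в файл C:\lala44.txt):
- %WINDIR%\regedit.exe /SC /E C:\lala44.txt HKEY_CURRENT_USER\Software\GbPlugin
- <SYSTEM32>\cmd.exe /c ""C:\linkbat.bat""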
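Изменения в файловой системе (по-видимому, это несколько списков — создаваемые, удаляемые и изменяемые файлы; подзаголовки в тексте не сохранились, поэтому часть путей повторяется). В списке есть файлы hosts и lmhosts, поэтому при проверке системы стоит просмотреть их содержимое:
- %HOMEPATH%\Desktop\Internet Explorer.lnk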
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
- %HOMEPATH%\Start Menu\Programs\Internet Explorer.lnk
- %HOMEPATH%\Internet Explorer.lnk
- C:\linkbat.txt
- C:\lazer.gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\lazer[1].gif
- <DRIVERS>\etc\lmhosts
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\readme[1].txt
- <DRIVERS>\etc\lmhosts
- C:\linkbat.bat
- C:\lazer.gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\readme[1].txt
- <DRIVERS>\etc\hosts
- <DRIVERS>\etc\lmhosts.sam
- %HOMEPATH%\Desktop\Internet Explorer.lnk
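Сетевая активность, подключения (символы «#» в адресах — по-видимому, маскировка, применённая источником; адреса приведены не полностью):
- '15#.#7.40.27':80
- '20#.#39.113.155':80
- 'localhost':1036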
Запросы HTTP (метод запроса в тексте не указан):
- 15#.#7.40.27/.../readme.txt
- 20#.#39.113.155/lazer.gif
- 20#.#39.113.155/envc.php
Ищет следующие окна:
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''