Техническая информация
- [<HKLM>\SOFTWARE\Classes\CLSID\{B416D21B-3B22-B6D4-BBD3-BBD452DB3D5B}\Shell\Open\Command] '' = '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\Browsers\Brow.exe'
- %WINDIR%\Tasks\svchost.exe
- '%WINDIR%\Tasks\svchost.exe'
- '%WINDIR%\regedit.exe' /s %WINDIR%\AppPatch\Custn\desktop.reg
- '<SYSTEM32>\wscript.exe' "%WINDIR%\AppPatch\Custn\web.vbs"
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\Browsers\Brow.exe
- %TEMP%\ytkj\xconfig.txt
- %WINDIR%\AppPatch\Custn\desktop.reg
- %WINDIR%\AppPatch\Custn\web.vbs
- %WINDIR%\AppPatch\Custn\web.vbs
- %WINDIR%\AppPatch\Custn\desktop.reg
- 'pl##.#oomeng.com':80
- pl##.#oomeng.com/icafeads/ip2cfg/?us##############################
- DNS ASK pl##.#oomeng.com
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''