Техническая информация
- '%TEMP%\RarSFX0\8.0.exe'
- '<SYSTEM32>\reg.exe' add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /d www.11##d.com /f
- '<SYSTEM32>\reg.exe' add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v "HomePage" /d 00000000 /f
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\RarSFX0\8.0.cmd" "
- %TEMP%\bassmod.dll
- %TEMP%\RarSFX0\8.0.cmd
- %TEMP%\RarSFX0\8.0.exe
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''