Техническая информация
- [<HKLM>\SOFTWARE\Classes\IE0\shell\open\command] '' = '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE '
- [<HKLM>\SOFTWARE\Classes\IE\shell\open\command] '' = '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://5678dy.com/?4hao'
- расширений файлов
- %WINDIR%\regedit.exe /s ""%TEMP%\jia.reg""
- <SYSTEM32>\taskkill.exe /f /im ZhuDongFangyu.exe
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\.IE0
- %HOMEPATH%\Start Menu\Programs\Internet Explorer.IE
- %HOMEPATH%\Start Menu\.IE0
- %HOMEPATH%\Start Menu\Programs\.IE0
- %HOMEPATH%\Desktop\.IE0
- %TEMP%\jia.reg
- <Текущая директория>\tem9B5.tmp
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.IE
- %HOMEPATH%\Desktop\Internet Explorer.IE
- %HOMEPATH%\Start Menu\Internet Explorer.IE
- %TEMP%\jia.reg
- ClassName: 'Progman' WindowName: ''
- ClassName: 'SHELLDLL_DefView' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: '' WindowName: ''