Техническая информация
- [<HKLM>\SOFTWARE\Classes\hpf\shell\open\command] '' = 'IEXPLORE.EXE http://www.piaofang.net/?wj'
- [<HKLM>\SOFTWARE\Classes\htb\shell\open\command] '' = 'IEXPLORE.EXE http://taobao.loliso.com/?wj'
- [<HKLM>\SOFTWARE\Classes\hdh\shell\open\command] '' = 'IEXPLORE.EXE http://www.35yes.com/?wj'
- [<HKLM>\SOFTWARE\Classes\hyx\shell\open\command] '' = 'IEXPLORE.EXE http://www.d91d.com/?wj'
- <SYSTEM32>\cacls.exe "\Internet Expleror.hdh" /e /c /G Everyone:r
- <SYSTEM32>\cacls.exe "%ALLUSERSPROFILE%\Desktop\Internet Expleror.hdh" /e /c /r "Power Users"
- <SYSTEM32>\cacls.exe "\Internet Expleror.hdh" /e /c /r %USERNAME%s
- <SYSTEM32>\cacls.exe "\Internet Expleror.hdh" /e /c /r Users
- <SYSTEM32>\cacls.exe "\Internet Expleror.hdh" /e /c /r System
- <SYSTEM32>\cacls.exe "%ALLUSERSPROFILE%\Desktop\Internet Expleror.hdh" /e /c /r "Authenticated Users"
- <SYSTEM32>\cacls.exe "%ALLUSERSPROFILE%\Desktop\Internet Expleror.hdh" /e /c /r %USERNAME%s
- <SYSTEM32>\cacls.exe "%ALLUSERSPROFILE%\Desktop\Internet Expleror.hdh" /e /c /G Everyone:r
- <SYSTEM32>\cacls.exe "%ALLUSERSPROFILE%\Desktop\Internet Expleror.hdh" /e /c /r System
- <SYSTEM32>\cacls.exe "%ALLUSERSPROFILE%\Desktop\Internet Expleror.hdh" /e /c /r "%USERNAME%
- <SYSTEM32>\cacls.exe "%ALLUSERSPROFILE%\Desktop\Internet Expleror.hdh" /e /c /r Users
- %PROGRAM_FILES%\Internet Explorer\Connection Wizard\tbgw.ico
- %PROGRAM_FILES%\Internet Explorer\Connection Wizard\tbgw.ico
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''