Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Services.vbs
- <SYSTEM32>\reg.exe ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu /v {871C5380-42A0-1069-A2EA-08002B30309D} /t REG_DWORD /d 1 /f
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://so##.com
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoInternetIcon' = '00000000'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\so92[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\so92[1]
- C:\system.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\so92[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\so92[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\so92[1]
- C:\system.dat
- 'localhost':1040
- 'localhost':1042
- 'so##.com':80
- 'vi#.#aqio.com':9999
- 'localhost':1038
- so##.com/
- DNS ASK so##.com
- DNS ASK vi#.#aqio.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''