Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run] 'SOUNDMAX' = '%WINDIR%\2.bat'
- <Drive name for removable media>:\www.html
- %WINDIR%\regdit.exe /s %WINDIR%\bak.reg
- %WINDIR%\SVCHOST.ini
- %WINDIR%\regdit.exe
- %WINDIR%\bak.reg
- %WINDIR%\2.bat
- %WINDIR%\SVCHOST.ini
- %WINDIR%\regdit.exe
- %WINDIR%\bak.reg
- from %WINDIR%\SVCHOST.ini to %WINDIR%\2.bat
- 'www.ha##23.com':80
- www.ha##23.com/
- DNS ASK www.ha##23.com
- ClassName: 'RegEdit_RegEdit' WindowName: ''