9 Years of Service
74%
This archive is a embed exploit that bookmarks any url given. It all starts by sending IE user in a iframe or any other method to your (index.php?url=http://www.yoursite.com). Any time a IE user visit the url it will popup a warning and if the user presses Yes it will add your domain to the system and start the website everytime the computer starts.
How to use?
1) Upload index.php and add your domain in front of ?url=
2) Send your IE visitors to the url
3) Anytime a user press Yes. Your site url is added
4) Now everytime a infected machine starts the system it will open your url in Internet Explorer.
How to remove?
To remove is quite simple, open your registry editor and navigate to the key. From there just delete it.
Download
Virustotal
How to use?
1) Upload index.php and add your domain in front of ?url=
2) Send your IE visitors to the url
3) Anytime a user press Yes. Your site url is added
4) Now everytime a infected machine starts the system it will open your url in Internet Explorer.
How to remove?
To remove is quite simple, open your registry editor and navigate to the key. From there just delete it.
Download
This link is hidden for visitors. Please Log in or register now.
Virustotal
This link is hidden for visitors. Please Log in or register now.