Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'EventSubscription' = '{7cb0f2db-9541-4301-8f3f-436e25033c65}'
- '%TEMP%\mail-monitor-2.0.exe'
- '<SYSTEM32>\regsvr32.exe' /s %TEMP%\windll.dll
- %TEMP%\nsf4.tmp\InstallOptions.dll
- %TEMP%\nsf4.tmp\modern-header.bmp
- %CommonProgramFiles%\Event\EventSubscription.dll
- %TEMP%\windll.dll
- %TEMP%\nsf4.tmp\modern-wizard.bmp
- %TEMP%\nsa2.tmp\NSISdl.dll
- %TEMP%\mail-monitor-2.0.exe
- %TEMP%\nsf4.tmp\ioSpecial.ini
- %TEMP%\mail-monitor-2.0.log
- %TEMP%\nsa2.tmp\NSISdl.dll
- %TEMP%\windll.dll
- '20#.#26.167.92':80
- 20#.#26.167.92/update/check_c.php?tn#################
- ClassName: 'IEFrame' WindowName: '(null)'
- ClassName: 'MozillaUIWindowClass' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'