Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'Silence' = '{28c79000-7d4c-4443-80c8-fa89b94843f9}'
- <SYSTEM32>\regsvr32.exe /s "%TEMP%\windll.dll"
- %TEMP%\windll.dll
- %CommonProgramFiles%\Silence\Silence.dll
- %TEMP%\ef-multi-file-renamer-2.60.log
- %TEMP%\ef-multi-file-renamer-2.60.exe
- %TEMP%\nst2.tmp\NSISdl.dll
- %TEMP%\nst2.tmp\NSISdl.dll
- %TEMP%\windll.dll
- 'cu####tversion.us':80
- cu####tversion.us/version/windows.php?ve####################################
- DNS ASK cu####tversion.us
- ClassName: 'MozillaUIWindowClass' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'EFMR' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''