Техническая информация
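- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'SystemDevice' = '{1c42b77a-659b-4849-961b-2bcb4c567a35}' (ключ автозапуска: объекты, перечисленные в ShellServiceObjectDelayLoad, загружаются процессом Explorer при запуске оболочки)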
- %TEMP%\webcam-surveyor-1.8.0-build-405.exe
- <SYSTEM32>\regsvr32.exe /s "%TEMP%\windll.dll" (ключ /s — регистрация DLL без вывода диалоговых окон)
- %TEMP%\webcam-surveyor-1.8.0-build-405.log
- %TEMP%\windll.dll
- %CommonProgramFiles%\System\SystemDevice.dll
- %APPDATA%\GetRightToGo\webcam-surveyor-1.8.0-build-405.data0
- %TEMP%\webcam-surveyor-1.8.0-build-405.exe
- %TEMP%\nsm2.tmp\NSISdl.dll
- %APPDATA%\GetRightToGo\webcam-surveyor-1.8.0-build-405.data
- %TEMP%\nsm2.tmp\NSISdl.dll
- %TEMP%\windll.dll
- 'cu####tversion.biz':80
- cu####tversion.biz/windows/version.php?ve#########################################
- DNS ASK cu####tversion.biz
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MozillaUIWindowClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''