Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'MSNetMeeting' = '{217020e9-531d-4ec1-9054-b93814949a2e}'
- %TEMP%\is-QFHB2.tmp\visual-certexam-manager-1.9.995.tmp /SL5="$300CE,1199535,54272,%TEMP%\visual-certexam-manager-1.9.995.exe"
- %TEMP%\visual-certexam-manager-1.9.995.exe
- <SYSTEM32>\regsvr32.exe /s "%TEMP%\windll.dll"
- %TEMP%\visual-certexam-manager-1.9.995.log
- %TEMP%\is-5ON62.tmp\_isetup\_shfoldr.dll
- %CommonProgramFiles%\MS\MSNetMeeting.dll
- %TEMP%\windll.dll
- %TEMP%\nsh2.tmp\NSISdl.dll
- %TEMP%\visual-certexam-manager-1.9.995.exe
- %TEMP%\is-5ON62.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-QFHB2.tmp\visual-certexam-manager-1.9.995.tmp
- %TEMP%\nsh2.tmp\NSISdl.dll
- %TEMP%\windll.dll
- 've##amo.us':80
- ve##amo.us/vstm/vstm.php?sf############################################
- DNS ASK ve##amo.us
- '<IP-адрес в локальной сети>':1034
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MozillaUIWindowClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''