Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'HTMLHost' = '{d1d00fce-ac67-4d62-bb02-c9c06fd32057}'
- %TEMP%\RarSFX0\Portable\DiskDefrag.exe
- %TEMP%\portable-auslogics-disk-defrag-3.1.8.150.exe
- <SYSTEM32>\regsvr32.exe /s "%TEMP%\windll.dll"
- %TEMP%\RarSFX0\Portable\RepLibrary.dll
- %TEMP%\RarSFX0\Portable\DiskDefrag.exe
- %TEMP%\RarSFX0\Portable\helper.dll
- %TEMP%\RarSFX0\Portable\localizer.dll
- %TEMP%\windll.dll
- %CommonProgramFiles%\HTML\HTMLHost.dll
- %TEMP%\RarSFX0\Portable\Data\main.ini
- %TEMP%\RarSFX0\Portable\Lang\enu.lng
- %TEMP%\RarSFX0\Portable\AxComponents20.bpl
- %TEMP%\RarSFX0\Portable\rtl120.bpl
- %TEMP%\portable-auslogics-disk-defrag-3.1.8.150.exe
- %TEMP%\nsk2.tmp\NSISdl.dll
- %TEMP%\RarSFX0\Portable\commonforms.dll
- %TEMP%\RarSFX0\Portable\DiskDefragHelper.dll
- %TEMP%\portable-auslogics-disk-defrag-3.1.8.150.log
- %TEMP%\RarSFX0\Portable\vcl120.bpl
- %TEMP%\nsk2.tmp\NSISdl.dll
- %TEMP%\windll.dll
- 'cu####tversion.biz':80
- cu####tversion.biz/windows/version.php?ve##################################################
- DNS ASK cu####tversion.biz
- ClassName: 'MozillaUIWindowClass' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''