Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'NetworkProvisioning' = '{869912b6-24ee-4148-b4cd-bfd6d6dd69a0}'
- %TEMP%\pdf-to-word-5.01.exe
- <SYSTEM32>\regsvr32.exe /s "%TEMP%\windll.dll"
- %TEMP%\pdf-to-word-5.01.log
- %TEMP%\~GLH0000.TMP
- %CommonProgramFiles%\Network\NetworkProvisioning.dll
- %TEMP%\windll.dll
- %TEMP%\GLG6.tmp
- %TEMP%\nss2.tmp\NSISdl.dll
- %TEMP%\pdf-to-word-5.01.exe
- %TEMP%\GLK4.tmp
- %TEMP%\GLC3.tmp
- %TEMP%\nss2.tmp\NSISdl.dll
- %TEMP%\windll.dll
- 'co####teversion.biz':80
- co####teversion.biz/complete.php?ve##########################
- DNS ASK co####teversion.biz
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MozillaUIWindowClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''