Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'FreeSpace' = '{bb7bf068-ad91-4882-a4f8-ef5c25834ed8}'
- <SYSTEM32>\regsvr32.exe /s %TEMP%\windll.dll
- <SYSTEM32>\ntvdm.exe -f -i1
- %TEMP%\flex-gif-animator-8.84.log
- %TEMP%\windll.dll
- %CommonProgramFiles%\Free\FreeSpace.dll
- %WINDIR%\Temp\scs4.tmp
- %TEMP%\flex-gif-animator-8.84.exe
- %TEMP%\nsx2.tmp\NSISdl.dll
- %WINDIR%\Temp\scs3.tmp
- %TEMP%\windll.dll
- %TEMP%\nsx2.tmp\NSISdl.dll
- %WINDIR%\Temp\scs3.tmp
- %WINDIR%\Temp\scs4.tmp
- '20#.#26.167.92':80
- 20#.#26.167.92/update/check_d.php?tn#######################
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-9b4.9b8.380001'
- ClassName: 'MozillaUIWindowClass' WindowName: ''