Техническая информация
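- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'HyperTerminalConnection' = '{e3997e5d-38b8-414d-afd8-0b3fc7b65a9c}' (ключ автозапуска: COM-объекты, перечисленные в нём по CLSID, загружаются оболочкой Explorer при её запуске, поэтому запись обеспечивает закрепление в системе)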
- '%TEMP%\sysinfotools-base-repair-1.0.exe'
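- '<SYSTEM32>\regsvr32.exe' /s "%TEMP%\windll.dll" (параметр /s подавляет диалоговые окна regsvr32, поэтому регистрация библиотеки из временного каталога проходит без видимых пользователю сообщений)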
- %TEMP%\sysinfotools-base-repair-1.0.log
- %TEMP%\windll.dll
- %CommonProgramFiles%\HyperTerminal\HyperTerminalConnection.dll
- %APPDATA%\GetRightToGo\sysinfotools-base-repair-1.0.data0
- %TEMP%\sysinfotools-base-repair-1.0.exe
- %TEMP%\nso2.tmp\NSISdl.dll
- %APPDATA%\GetRightToGo\sysinfotools-base-repair-1.0.data
- %TEMP%\nso2.tmp\NSISdl.dll
- %TEMP%\windll.dll
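- 'cu####tversion.biz':80 (символы «#» здесь и в строках ниже — по-видимому, маска, скрывающая часть имени домена и параметров запроса; полные значения на странице не приведены)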
- cu####tversion.biz/windows/version.php?ve######################################
- DNS ASK cu####tversion.biz
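- ClassName: 'IEFrame' WindowName: '' (класс главного окна Internet Explorer)
- ClassName: 'MozillaUIWindowClass' WindowName: '' (класс окна приложений Mozilla, в частности Firefox)
- ClassName: 'Shell_TrayWnd' WindowName: '' (класс окна панели задач Windows)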