Техническая информация
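Запись в реестре (ключ ShellServiceObjectDelayLoad — точка автозапуска: перечисленные в нём COM-объекты загружаются оболочкой Explorer при старте):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'HomePage' = '{450f0919-55c5-4e6a-af0d-49783aa5412d}'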
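Файлы и запускаемые процессы (заголовки подразделов в тексте отсутствуют; повторяющиеся ниже пути, вероятно, относились к разным подразделам — например, создание, запуск и удаление файлов):
- %TEMP%\web-content-grabber-3.6.0.1.exe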
- <SYSTEM32>\regsvr32.exe /s "%TEMP%\windll.dll"
- %TEMP%\web-content-grabber-3.6.0.1.log
- %TEMP%\windll.dll
- %CommonProgramFiles%\HomePage\HomePage.dll
- %TEMP%\web-content-grabber-3.6.0.1.exe
- %TEMP%\nsc2.tmp\NSISdl.dll
- %TEMP%\tmp3.tmp
- %TEMP%\nsc2.tmp\NSISdl.dll
- %TEMP%\windll.dll
- %TEMP%\tmp3.tmp
Сетевая активность (имя домена и параметры запроса частично замаскированы символами #):
- 'cu####tversion.biz':80
- cu####tversion.biz/windows/version.php?ve#####################################
- DNS ASK cu####tversion.biz
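Окна (имя класса и заголовок; IEFrame — Internet Explorer, MozillaUIWindowClass — Mozilla Firefox, Shell_TrayWnd — панель задач Windows):
- ClassName: 'IEFrame' WindowName: ''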
- ClassName: 'MozillaUIWindowClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''