Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'MSLocality' = '{661bbd57-85a1-469e-afaa-0e6f4c40bb6c}'
- %TEMP%\is-8RIKL.tmp\sdexplorer-pro-2.1.1.123.tmp /SL5="$300DA,1781763,141824,%TEMP%\sdexplorer-pro-2.1.1.123.exe"
- %TEMP%\sdexplorer-pro-2.1.1.123.exe
- <SYSTEM32>\regsvr32.exe /s "%TEMP%\windll.dll"
- %APPDATA%\Microsoft\Protect\S-1-5-21-2052111302-484763869-725345543-1003\Preferred
- %APPDATA%\Microsoft\Protect\S-1-5-21-2052111302-484763869-725345543-1003\44440210-5aab-491b-a9aa-60c098f9e362
- %CommonProgramFiles%\MS\MSLocality.dll
- %TEMP%\windll.dll
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-2052111302-484763869-725345543-1003\4d39d9eca3756170c0d5a27dd471e8e2_23ef5514-3059-436f-a4a7-4cefaab20eb1
- %HOMEPATH%\My Documents\SDExplorer Logs\Exceptions.txt
- %TEMP%\is-8RIKL.tmp\sdexplorer-pro-2.1.1.123.tmp
- %TEMP%\nst2.tmp\NSISdl.dll
- %TEMP%\sdexplorer-pro-2.1.1.123.exe
- %TEMP%\is-N04T2.tmp\SetupDLL.dll
- %TEMP%\sdexplorer-pro-2.1.1.123.log
- %TEMP%\is-N04T2.tmp\_isetup\_shfoldr.dll
- %TEMP%\nst2.tmp\NSISdl.dll
- %TEMP%\windll.dll
- 'cu####tversion.biz':80
- cu####tversion.biz/windows/version.php?ve##################################
- DNS ASK cu####tversion.biz
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MozillaUIWindowClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''