Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'ADODBError' = '{cfa7e5c4-d734-4bd1-b073-153c3a9c7ed6}'
- %TEMP%\is-BCCAV.tmp\is-NIICQ.tmp /SL4 $300DC "%TEMP%\kernel-exchange-ost-recovery-software-7.05.01.exe" 1731942 75264
- %TEMP%\kernel-exchange-ost-recovery-software-7.05.01.exe
- <SYSTEM32>\regsvr32.exe /s "%TEMP%\windll.dll"
- %TEMP%\kernel-exchange-ost-recovery-software-7.05.01.log
- %TEMP%\windll.dll
- %CommonProgramFiles%\ADODB\ADODBError.dll
- %TEMP%\is-H504Q.tmp\_isetup\_shfoldr.dll
- %TEMP%\kernel-exchange-ost-recovery-software-7.05.01.exe
- %TEMP%\is-BCCAV.tmp\is-NIICQ.tmp
- %TEMP%\is-H504Q.tmp\_isetup\_RegDLL.tmp
- %TEMP%\windll.dll
- 'cu####tversion.biz':80
- cu####tversion.biz/windows/version.php?ve#######################################################
- DNS ASK cu####tversion.biz
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MozillaUIWindowClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''