Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'MSStockPicture' = '{55f243ff-7bcd-40ab-8003-448a46ec3584}'
- %TEMP%\is-OLORQ.tmp\recovery-toolbox-for-excel-1.1.9.51.tmp /SL5="$300DC,635809,53248,%TEMP%\recovery-toolbox-for-excel-1.1.9.51.exe"
- %TEMP%\recovery-toolbox-for-excel-1.1.9.51.exe
- <SYSTEM32>\regsvr32.exe /s %TEMP%\windll.dll
- %TEMP%\is-SB24R.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-SB24R.tmp\_isetup\_RegDLL.tmp
- %CommonProgramFiles%\MS\MSStockPicture.dll
- %TEMP%\windll.dll
- %TEMP%\nsl2.tmp\NSISdl.dll
- %TEMP%\recovery-toolbox-for-excel-1.1.9.51.exe
- %TEMP%\recovery-toolbox-for-excel-1.1.9.51.log
- %TEMP%\is-OLORQ.tmp\recovery-toolbox-for-excel-1.1.9.51.tmp
- %TEMP%\nsl2.tmp\NSISdl.dll
- %TEMP%\windll.dll
- '20#.#26.167.92':80
- 20#.#26.167.92/update/check_d1.php?tn####################################
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MozillaUIWindowClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''