Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{921FCB86-E896-4B4D-852B-2F9725B3894C}] 'StubPath' = 'rundll32 "%ALLUSERSPROFILE%\Application Data\Microsoft\HTML Help\updatemgr.dll",TestOSVersion A465C33E-368D-4574-AA6F-CCCA9152923B++{921FCB86-E896-4B4D-852B-2F9725B3894C}'
- <SYSTEM32>\rundll32.exe "%ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Themes\Blacks.theme",_MS_11_023@16 A465C33E-368D-4574-AA6F-CCCA9152923B++{921FCB86-E896-4B4D-852B-2F9725B3894C}||%TEMP%\MIC1.tmp
- <SYSTEM32>\rundll32.exe "%ALLUSERSPROFILE%\Application Data\Microsoft\HTML Help\updatemgr.dll",TestOSVersion A465C33E-368D-4574-AA6F-CCCA9152923B++{921FCB86-E896-4B4D-852B-2F9725B3894C}||%TEMP%\MIC1.tmp
- <SYSTEM32>\rundll32.exe shell32.dll,Control_RunDLL %TEMP%\MIC1.tmp
- %TEMP%\D3.tmp
- %ALLUSERSPROFILE%\Application Data\Microsoft\HTML Help\updatemgr.dll
- %ALLUSERSPROFILE%\Application Data\Microsoft\HTML Help\msupmgr.dll
- %ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Themes\Blacks.theme
- %TEMP%\MIC1.tmp
- %TEMP%\A2.tmp
- %TEMP%\F4.tmp
- %TEMP%\F4.tmp
- %TEMP%\MIC1.tmp
- %TEMP%\A2.tmp
- %TEMP%\D3.tmp
- 'ms###n.ddns.us':53
- DNS ASK ms###n.ddns.us
- '<IP-адрес в локальной сети>':1035