Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}] 'StubPath' = 'rundll32.exe <SYSTEM32>\themeuichk.dll,ThemesSetupInstallCheck'
- %WINDIR%\Tasks\SA.DAT
- <SYSTEM32>\attrib.exe -s -h ""%TEMP%\DISPHO~1.EXE""
- <SYSTEM32>\dispobjnet.exe
- <SYSTEM32>\monipobj.ocx
- %TEMP%\c6f69edf-cc12-452b-aa3b-9a9fac339714
- %TEMP%\smss.exe
- %TEMP%\1.tmp.cmd
- %TEMP%\8b22961f-e905-4734-84e5-7d961d14f206
- <SYSTEM32>\netipsvc.exe
- <SYSTEM32>\rasobjsrv.exe
- %TEMP%\4dd08215-2d49-44c3-b30d-987b64fbfd73
- <SYSTEM32>\hostlsahost.exe
- %TEMP%\1.tmp.cmd
- %TEMP%\disphostdisp.exe
- 'localhost':1045
- '82.##6.51.22':80
- '82.##6.47.163':21
- 82.##6.51.22http://82.146.51.22/joomla/modules/xsnt-direct.php
- DNS ASK www.google.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''