Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}] 'StubPath' = 'rundll32.exe <SYSTEM32>\themeuichk.dll,ThemesSetupInstallCheck'
- %WINDIR%\Tasks\SA.DAT
- <SYSTEM32>\attrib.exe -s -h ""%TEMP%\PPTPDI~1.EXE""
- <SYSTEM32>\hostsqlproc.exe
- <SYSTEM32>\objnetsrv.ocx
- %TEMP%\e3f08b35-55ae-4240-8584-867a6ede3bad
- %TEMP%\smss.exe
- %TEMP%\1.tmp.cmd
- <SYSTEM32>\procrashost.exe
- %TEMP%\2e53be10-a584-47d2-8c65-07c8c0a56d9b
- <SYSTEM32>\objfwcproc.exe
- %TEMP%\3e5f5633-f949-41af-a4c3-b0953a3dae0a
- <SYSTEM32>\pptpmsdhcp.exe
- %TEMP%\1.tmp.cmd
- %TEMP%\pptpdispsvc.exe
- 'localhost':1045
- '74.##5.232.51':80
- '82.##6.47.163':21
- '82.##6.51.22':80
- 74.##5.232.51/
- 82.##6.51.22http://82.146.51.22/joomla/modules/xsnt-direct.php
- DNS ASK www.google.com
- '<IP-адрес в локальной сети>':1046
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''