Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{8EA012F5-1170-4DAB-B077-2F7EC2618D92}] 'StubPath' = 'rundll32 "%ALLUSERSPROFILE%\Application Data\Microsoft\HTML Help\updatemgr.dll",TestOSVersion A465C33E-368D-4574-AA6F-CCCA9152923B++{8EA012F5-1170-4DAB-B077-2F7EC2618D92}'
- <SYSTEM32>\rundll32.exe "%ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Themes\Blacks.theme",_MS_11_023@16 A465C33E-368D-4574-AA6F-CCCA9152923B++{8EA012F5-1170-4DAB-B077-2F7EC2618D92}||"%TEMP%\MIC1.tmp"
- <SYSTEM32>\rundll32.exe "%ALLUSERSPROFILE%\Application Data\Microsoft\HTML Help\updatemgr.dll",TestOSVersion A465C33E-368D-4574-AA6F-CCCA9152923B++{8EA012F5-1170-4DAB-B077-2F7EC2618D92}||"%TEMP%\MIC1.tmp"
- <SYSTEM32>\rundll32.exe shell32.dll,Control_RunDLL "%TEMP%\MIC1.tmp"
- %TEMP%\D3.tmp
- %ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Themes\Blacks.theme
- %ALLUSERSPROFILE%\Application Data\Microsoft\HTML Help\msupmgr.dll
- %ALLUSERSPROFILE%\Application Data\Microsoft\HTML Help\updatemgr.dll
- %TEMP%\F4.tmp
- %TEMP%\msinfo.exe
- <Текущая директория>\ІЈ«~ёк®ЖЄн .doc
- %TEMP%\A2.tmp
- %TEMP%\MIC1.tmp
- %TEMP%\F4.tmp
- %TEMP%\MIC1.tmp
- %TEMP%\D3.tmp
- %TEMP%\msinfo.exe
- %TEMP%\A2.tmp
- 'tm#####updata.ddns.us':53
- 'ac#####op3.mymom.info':53
- DNS ASK tm#####updata.ddns.us
- DNS ASK ac#####op3.mymom.info
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'WordPadClass' WindowName: ''