Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}] 'StubPath' = 'rundll32.exe <SYSTEM32>\themeuichk.dll,ThemesSetupInstallCheck'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'recovery' = '<SYSTEM32>\ctfdispnet.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'recovery' = '<SYSTEM32>\ctfdispnet.exe'
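- %TEMP%\smss.exe 127.1 -n 5 (файл с именем системного процесса smss.exe запускается из %TEMP%, а не из <SYSTEM32>; аргументы «127.1 -n 5» совпадают с синтаксисом ping — по-видимому, вызов используется как задержка)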
- %TEMP%\poolhostpool.exe
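- <SYSTEM32>\attrib.exe -s -h "%TEMP%\POOLHO~1.EXE" (снимает с файла атрибуты «системный» и «скрытый»; POOLHO~1.EXE — короткое имя формата 8.3, по-видимому, соответствующее %TEMP%\poolhostpool.exe)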
- <SYSTEM32>\rasmsproc.exe
- %TEMP%\0672a385-1eb2-4bf2-9e97-eb854e4fc83c
- %TEMP%\1ad946f5-b354-46c4-b013-21cceb58d981
- %TEMP%\smss.exe
- %TEMP%\1.tmp.cmd
- <SYSTEM32>\infodhcpinfo.exe
- <SYSTEM32>\ctfdispnet.exe
- <SYSTEM32>\dnspptpdhcp.exe
- %TEMP%\1d65c288-0f61-47fb-8dc4-7979e568b369
- <SYSTEM32>\dnsippdb.exe
- <SYSTEM32>\objlsainfo.ocx
- %TEMP%\1.tmp.cmd
- %TEMP%\poolhostpool.exe
- 'localhost':1046
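- '74.##5.232.51':80
- '82.##6.47.163':21
- '82.##6.51.22':80 (в трёх адресах выше часть цифр скрыта символами «##», поэтому для точного сопоставления они непригодны; порты 80 и 21 — стандартные порты HTTP и FTP)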
- DNS ASK www.google.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''