Техническая информация
- [<HKLM>\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\RUN] 'taskmsg' = '<SYSTEM32>\taskmsg.exe'
- [<HKLM>\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\RUN] 'taskmmr' = '<SYSTEM32>\taskmmr.exe'
- [<HKLM>\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\RUN] 'taskstm' = '<SYSTEM32>\taskstm.exe'
- Средство контроля пользовательских учетных записей (UAC)
- %WINDIR%\syswow64\stml.ini
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\caasbycl\dnserrordiagoff_weboc[1]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\re1n75kr\errorpagetemplate[1]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\0u8lpyu9\errorpagestrings[1]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\caasbycl\httperrorpagesscripts[1]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\bzjx5bke\background_gradient[2]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\bzjx5bke\info_48[1]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\0u8lpyu9\bullet[1]
- %LOCALAPPDATA%\microsoft\windows\<INETFILES>\content.ie5\caasbycl\down[1]
- 'ti####w.nist.gov':13
- 'ti###a.nist.gov':13
- DNS ASK ti####w.nist.gov
- DNS ASK ti###a.nist.gov
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''