Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}] 'StubPath' = 'rundll32.exe <SYSTEM32>\themeuichk.dll,ThemesSetupInstallCheck'
- %WINDIR%\Tasks\SA.DAT
- <SYSTEM32>\attrib.exe -s -h ""%TEMP%\ipsqlcms.exe""
- <SYSTEM32>\sqlmoncms.exe
- <SYSTEM32>\ctfmonsvc.ocx
- %TEMP%\2bcdf76e-742d-42b5-911e-57b9509e4ece
- %TEMP%\smss.exe
- %TEMP%\1.tmp.cmd
- <SYSTEM32>\mspdbip.exe
- %TEMP%\77e90a49-c8a8-488c-ae38-06e14d620a2a
- <SYSTEM32>\rasdispcms.exe
- %TEMP%\93b1fc6b-b03d-439b-9973-39fc2208d368
- <SYSTEM32>\svcmonfwc.exe
- %TEMP%\1.tmp.cmd
- %TEMP%\ipsqlcms.exe
- 'localhost':1047
- '74.##5.232.51':80
- '82.##6.47.163':21
- '82.##6.51.22':80
- 74.##5.232.51/
- 82.##6.51.22 http://82.146.51.22/joomla/modules/xsnt-direct.php
- DNS ASK www.google.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''