Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}] 'StubPath' = 'rundll32.exe <SYSTEM32>\themeuichk.dll,ThemesSetupInstallCheck'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'recovery' = '<SYSTEM32>\ctfnetctf.exe'
- %WINDIR%\Tasks\SA.DAT
- <SYSTEM32>\ntvdm.exe -f -i1 -w -a <SYSTEM32>\krnl386.exe
- <SYSTEM32>\lsarassvc.exe
- %TEMP%\d99ad778-7696-4108-8d10-c9db4c3034ce
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\xsnt[1].htm
- %TEMP%\916e15fc-6d01-480f-a1e8-95e2558e74ba
- <SYSTEM32>\svcobjsvc.exe
- <SYSTEM32>\ctfnetctf.exe
- <SYSTEM32>\hostpptpcms.exe
- <SYSTEM32>\ctfpptpobj.ocx
- %TEMP%\c1f8cf58-f709-4752-b016-804d10fcec0c
- '82.##6.51.22':80
- 'localhost':1037
- 82.##6.51.22/joomla/modules/xsnt.php
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''