Техническая информация
Автозапуск: команда из параметра StubPath ключа Active Setup выполняется при входе пользователя в систему:
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{BC055ECD-F89E-4CAB-A758-2DC210DC9B48}] 'StubPath' = 'rundll32 "%ALLUSERSPROFILE%\Application Data\Internet\updatemgr.dll",SHGetFolderPathA A465C33E-368D-4574-AA6F-CCCA9152923B++{BC055ECD-F89E-4CAB-A758-2DC210DC9B48}'
- %TEMP%\mm.exe
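Запуски rundll32 с библиотеками из %ALLUSERSPROFILE%\Application Data и %TEMP% (файлы с расширениями .theme и .tmp загружаются как DLL):
- <SYSTEM32>\rundll32.exe "%ALLUSERSPROFILE%\Application Data\Themes\Blacks.theme",_MS_11_023@16 A465C33E-368D-4574-AA6F-CCCA9152923B++{BC055ECD-F89E-4CAB-A758-2DC210DC9B48}||%TEMP%\MIC2.tmp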
- <SYSTEM32>\rundll32.exe "%ALLUSERSPROFILE%\Application Data\Internet\updatemgr.dll",SHGetFolderPathA A465C33E-368D-4574-AA6F-CCCA9152923B++{BC055ECD-F89E-4CAB-A758-2DC210DC9B48}||%TEMP%\MIC2.tmp
- <SYSTEM32>\rundll32.exe shell32.dll,Control_RunDLL %TEMP%\MIC2.tmp
- %TEMP%\D8.tmp
- %ALLUSERSPROFILE%\Application Data\Themes\Blacks.theme
- %ALLUSERSPROFILE%\Application Data\Internet\msupmgr.dll
- %ALLUSERSPROFILE%\Application Data\Internet\updatemgr.dll
- %TEMP%\F9.tmp
- %TEMP%\mm.exe
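- %TEMP%\Ва±b©ъІУіqЄѕ.doc (имя файла отображено в неверной кодировке: эти байты, прочитанные как Big5, вероятно, дают «轉帳明細通知.doc»)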
- %TEMP%\A7.tmp
- %TEMP%\MIC2.tmp
- %TEMP%\F9.tmp
- %TEMP%\MIC2.tmp
- %TEMP%\D8.tmp
- %TEMP%\mm.exe
- %TEMP%\A7.tmp
Сетевая активность (имя узла частично скрыто символами #):
- 'dh#####ain.ddns.info':80
- DNS ASK dh#####ain.ddns.info
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'WordPadClass' WindowName: ''