Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}] 'StubPath' = 'rundll32.exe <SYSTEM32>\themeuichk.dll,ThemesSetupInstallCheck'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'recovery' = '<SYSTEM32>\infocmssrv.exe'
- %WINDIR%\Tasks\SA.DAT
- <SYSTEM32>\ntvdm.exe -f -i1 -w -a <SYSTEM32>\krnl386.exe
- %TEMP%\868e6386-b014-4141-9c6d-83d0ad004921
- <SYSTEM32>\msinfohost.exe
- %TEMP%\237a7ed6-1b25-4489-88fe-fe56ecae1260
- <SYSTEM32>\infomsip.exe
- <SYSTEM32>\infocmssrv.exe
- <SYSTEM32>\fwcsvcpptp.exe
- <SYSTEM32>\ctfobjdns.ocx
- %TEMP%\fb8c09cf-48d4-4c2c-81f7-eab738ce587f
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''