Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}] 'StubPath' = 'rundll32.exe <SYSTEM32>\themeuichk.dll,ThemesSetupInstallCheck'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'recovery' = '<SYSTEM32>\infomonproc.exe'
- %WINDIR%\Tasks\SA.DAT
- <SYSTEM32>\ntvdm.exe -f -i1 -w -a <SYSTEM32>\krnl386.exe
- %TEMP%\274e5c9c-6cda-418e-99e9-a5e5b6c3c73e
- <SYSTEM32>\dnsippdb.exe
- %TEMP%\539f1051-fbe0-46c6-b15e-af5331f335d1
- <SYSTEM32>\dhcppptppool.exe
- <SYSTEM32>\infomonproc.exe
- <SYSTEM32>\cmsdispip.exe
- <SYSTEM32>\dhcplsanet.ocx
- %TEMP%\b5a24f33-c780-45fb-94b7-575372ee8e7a
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''