Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'Winipdat' = '{4F131894-7682-4481-99CE-5507DDD60FB0}'
- [<HKLM>\SYSTEM\ControlSet001\Services\System Event Dispatcher] 'Start' = '00000002'
- '<SYSTEM32>\sgvrfy32.exe'
- '<SYSTEM32>\sgvrfy32.exe' -i
- <SYSTEM32>\svrltmgr.dll
- <SYSTEM32>\vdorctrl.dll
- <SYSTEM32>\cmproxfr.dll
- <SYSTEM32>\winipdat\winipdat.log
- <SYSTEM32>\sgvrfy32.exe
- <SYSTEM32>\winipdat\winipdll\svrltwp.dll
- %TEMP%\MSVxRsc.dll
- %TEMP%\UUU1.tmp
- <SYSTEM32>\wzodlg32.dll
- %TEMP%\UUU3.tmp
- %TEMP%\UUU2.tmp
- %TEMP%\UUU3.tmp
- %TEMP%\MSVxRsc.dll
- %TEMP%\UUU1.tmp
- %TEMP%\UUU2.tmp
- '17#.16.1.10':16768