Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'recovery' = '<SYSTEM32>\pptppclsa.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}] 'StubPath' = 'rundll32.exe <SYSTEM32>\themeuichk.dll,ThemesSetupInstallCheck'
- [<HKLM>\SYSTEM\ControlSet001\Control\Print\Providers\spoolcds] 'Name' = '<SYSTEM32>\spoolcds.dll'
- %WINDIR%\Tasks\SA.DAT
- <SYSTEM32>\spoolsv.exe
- <SYSTEM32>\pptppclsa.exe
- <SYSTEM32>\libdnsui.exe
- %TEMP%\38728cc5-2f64-41b5-866b-8dd56f0faa44
- <SYSTEM32>\sqlenvlib.exe
- <SYSTEM32>\libcmssrv.ocx
- <SYSTEM32>\ippdbmgr.exe
- %TEMP%\c331a1f3-ee20-40d0-b297-06b032969cac
- <SYSTEM32>\wmengudf.exe
- <SYSTEM32>\syshostid.exe
- %TEMP%\db5eaab6-ac1e-4a50-b206-f67f781de571
- '82.##6.47.163':21