Техническая информация
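Ключи реестра (все три относятся к механизмам автозапуска Windows: раздел Run, параметр StubPath компонента Active Setup и DLL провайдера печати, загружаемая диспетчером печати):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'recovery' = '<SYSTEM32>\cfgfsfw.exe'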
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}] 'StubPath' = 'rundll32.exe <SYSTEM32>\themeuichk.dll,ThemesSetupInstallCheck'
- [<HKLM>\SYSTEM\ControlSet001\Control\Print\Providers\spoolcds] 'Name' = '<SYSTEM32>\spoolcds.dll'
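Файлы (действие над ними — создание, изменение или удаление — в этом фрагменте не указано; spoolsv.exe и Tasks\SA.DAT — штатные имена файлов Windows, поэтому само наличие такого пути не является индикатором и требует сверки содержимого):
- %WINDIR%\Tasks\SA.DAT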
- <SYSTEM32>\spoolsv.exe
- <SYSTEM32>\cfgfsfw.exe
- <SYSTEM32>\sysdhcppptp.exe
- %TEMP%\6c85ca29-1e22-46a5-9551-383c3f8165de
- <SYSTEM32>\msipdns.exe
- <SYSTEM32>\tapidnsdhcp.ocx
- <SYSTEM32>\svcapiid.exe
- %TEMP%\b7b5324f-eeca-4dc4-98d2-530e76a4b51d
- <SYSTEM32>\wmwinwm.exe
- <SYSTEM32>\pcpdbusb.exe
- %TEMP%\15c10e4b-1066-4c04-ba6d-34bab2584442
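Сетевой адрес (символы ## — по-видимому, маскировка части адреса в исходном отчёте; порт 21 — стандартный порт FTP):
- '82.##6.47.163':21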