Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'recovery' = '<SYSTEM32>\msfwdsp.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}] 'StubPath' = 'rundll32.exe <SYSTEM32>\themeuichk.dll,ThemesSetupInstallCheck'
- [<HKLM>\SYSTEM\ControlSet001\Control\Print\Providers\spoolcds] 'Name' = '<SYSTEM32>\spoolcds.dll'
- %WINDIR%\Tasks\SA.DAT
- <SYSTEM32>\spoolsv.exe
- <SYSTEM32>\msfwdsp.exe
- <SYSTEM32>\dhcpobjwdm.exe
- %TEMP%\2156c653-5c8c-48f6-b79d-71902ede6277
- <SYSTEM32>\wmwinfs.exe
- <SYSTEM32>\pclsafw.ocx
- <SYSTEM32>\pptppceng.exe
- %TEMP%\cfdf596f-249b-4fe7-ac9d-1c9ab221bfb5
- <SYSTEM32>\netmonwin.exe
- <SYSTEM32>\usbidenv.exe
- %TEMP%\f8733d30-dd36-487c-8b45-9b1a708264c1
- '82.##6.47.163':21