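Техническая информация
Ниже перечислены записи реестра, пути к файлам и сетевой адрес. Заголовки разделов в этом фрагменте не сохранились, поэтому по самому списку нельзя определить, какие файлы были созданы, изменены или удалены. <SYSTEM32>, %WINDIR% и %TEMP% — условные обозначения системных каталогов.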
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'recovery' = '<SYSTEM32>\ntmswdm.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}] 'StubPath' = 'rundll32.exe <SYSTEM32>\themeuichk.dll,ThemesSetupInstallCheck'
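- [<HKLM>\SYSTEM\ControlSet001\Control\Print\Providers\spoolcds] 'Name' = '<SYSTEM32>\spoolcds.dll'
  (Примечание: все три записи реестра выше относятся к точкам автозапуска. Значение в ключе Run запускается при входе пользователя в систему, StubPath в Active Setup выполняется при входе пользователя, а библиотеку, зарегистрированную как провайдер печати, загружает служба диспетчера печати. При проверке системы стоит сверить эти ключи с эталонной конфигурацией.)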
- %WINDIR%\Tasks\SA.DAT
- <SYSTEM32>\spoolsv.exe
- <SYSTEM32>\ntmswdm.exe
- <SYSTEM32>\engwdmpc.exe
- %TEMP%\5de73e88-437e-4beb-a394-d83a9d7ad261
- <SYSTEM32>\sqlobjnet.exe
- <SYSTEM32>\cmsidcfg.ocx
- <SYSTEM32>\apiobjcms.exe
- %TEMP%\fb372a5d-cbee-4f7e-a8ba-c40b28da712b
- <SYSTEM32>\envntmon.exe
- <SYSTEM32>\udfwdmschd.exe
- %TEMP%\5ef657d6-228f-4e28-bd1f-ee46227cacfa
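- '82.##6.47.163':21 (порт 21 — стандартный управляющий порт FTP; символы ##, по-видимому, скрывают часть адреса, поэтому в таком виде запись не годится как точный сетевой индикатор)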