Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ctfmon' = '%PROGRAM_FILES%\Microsoft Thread Control\ctfmon.exe'
- %PROGRAM_FILES%\Microsoft Thread Control\ctfmon.exe
- <SYSTEM32>\netsh.exe advfirewall firewall add rule name="System Thread" protocol=TCP dir =out action=allow
- %PROGRAM_FILES%\Microsoft Thread Control\ctfmon.exe
- %TEMP%\~DF233F.tmp
- '18#.#82.192.250':2554
- ClassName: 'TCPViewClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''