Technical Information
- <SYSTEM32>\tasks\svhost
- User Account Control (UAC)
- %APPDATA%\svhost.exe
- z:\$recycle.bin\s-1-5-21-1960123792-2022915161-3775307078-1001\desktop.ini
- C:\far2\addons\colors\custom_highlighting\recovery_instructions.html
- z:\boot\bcd.log1
- z:\boot\recovery_instructions.html
- z:\boot\bcd.log2
- z:\boot\bootstat.dat
- C:\far2\addons\colors\default_highlighting\recovery_instructions.html
- z:\$recycle.bin\s-1-5-21-1960123792-2022915161-3775307078-1001\desktop.ini
- from z:\boot\bcd.log1 to z:\boot\bcd.log1.readinstructions
- from z:\boot\bcd.log2 to z:\boot\bcd.log2.readinstructions
- from z:\boot\bootstat.dat to z:\boot\bootstat.dat.readinstructions
- '<LOCALNET>.58.1':445
- '<LOCALNET>.58.1':139
- '<SYSTEM32>\vssvc.exe'
- '%WINDIR%\syswow64\wbem\wmic.exe' SHADOWCOPY /nointeractive
- '<SYSTEM32>\taskeng.exe' {FA90A677-9367-4A66-95F0-30FA5EDFF349} S-1-5-21-1960123792-2022915161-3775307078-1001:napdhjpptsdu\user:Interactive:[1]