Technical Information
- [<HKLM>\SYSTEM\ControlSet001\Control\Print\Providers\2803563240] 'Name' = '%TEMP%\srvAD4.tmp'
- [<HKLM>\SYSTEM\ControlSet001\Services\srvAD4] 'Start' = '00000002'
- <SYSTEM32>\spoolsv.exe
- %TEMP%\srvAD4.ini
- %TEMP%\srvAD4.tmp
- %TEMP%\srvAD4.tmp
- '<Private IP address>':139
- '<Private IP address>':445