Техническая информация
- [<HKCU>\software\Microsoft\Windows\CurrentVersion\Run] '02bc1fa0d69112a21ec01aa9b0484946' = '"%ALLUSERSPROFILE%\dwm.exe" ..'
- [<HKLM>\software\Microsoft\Windows\CurrentVersion\Run] '02bc1fa0d69112a21ec01aa9b0484946' = '"%ALLUSERSPROFILE%\dwm.exe" ..'
- [<HKLM>\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%ALLUSERSPROFILE%\dwm.exe' = '%ALLUSERSPROFILE%\dwm.exe:*:Enabled:...
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%ALLUSERSPROFILE%\dwm.exe" "dwm.exe" ENABLE
- %ALLUSERSPROFILE%\dwm.exe
- %ALLUSERSPROFILE%\dwm.exe
- DNS ASK cx###z.zz.am
- '%ALLUSERSPROFILE%\dwm.exe'
- '<SYSTEM32>\netsh.exe' firewall add allowedprogram "%ALLUSERSPROFILE%\dwm.exe" "dwm.exe" ENABLE' (со скрытым окном)